فا

‫ Apple Safari Multiple Vulnerabilities

ID: IRCAD2014123661
Release Date: 2014-12-04
Criticality level: Highly critical
Software:
Apple Safari 6.x
Apple Safari 7.x
Apple Safari 8.x
Description:
Some vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system.
1) An error when handling CSS references in SVGs loaded in an img element can be exploited to load a CSS file cross-origin.
2) Some unspecified errors in WebKit can be exploited to corrupt memory.
Successful exploitation of this vulnerability may allow execution of arbitrary code.
The vulnerabilities are reported in versions prior to 8.0.1, prior to 7.1.1, and prior to 6.2.1 running on OS X versions 10.8.5, 10.9.5, and 10.10.1.
Solution
Update to version 8.0.1, 7.1.1, or 6.2.1.
References:
APPLE-SA-2014-12-2-1:
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 17 آذر 1393

امتیاز

امتیاز شما
تعداد امتیازها:0