‫ Apple Safari Multiple Vulnerabilities

IRCAD2014073395

Number: IRCAD2014073395

Date: 2014/07/01

Criticality level: highly critical

Software:

Apple Safari 6.x

Apple Safari 7.x

Description

Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to conduct spoofing attacks and compromise a user's system.

1) An unspecified error exists in WebKit, which can be exploited to cause memory corruption.
2) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
3) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
4) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
5) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
6) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
7) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
8) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
9) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
10) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
Successful exploitation of the vulnerabilities #1 through #‫10 may allow execution of arbitrary code.
11) An error when handling URLs can be exploited to spoof the domain name of a web site in the address bar.

The vulnerabilities are reported in versions prior to 6.1.5 and prior to 7.0.5.

Solution:

Update to version 6.1.5 or 7.0.5.

Resources:

APPLE-SA-2014-06-30-1:

secunia:
 
 
 
 
 
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 11 تیر 1393

امتیاز

امتیاز شما
تعداد امتیازها:0