|
Apple Safari Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA35379
|
|
|
Release Date:
|
2009-06-09
|
|
Last Update:
|
2009-07-13
|
|
Popularity:
|
2,964 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
Security Bypass
Cross Site Scripting
Exposure of sensitive information
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Unpatched
|
|
| Software: | Safari 3.x
Safari for Windows 3.x
|
|
|
Binary Analysis:
|
BA769 :: Available for 1 Credit 
BA780 :: Available for 1 Credit
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Some vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, or compromise a user's system.
1) An error in the handling of TrueType fonts can be exploited to corrupt memory when a user visits a web site embedding a specially crafted font.
Successful exploitation may allow execution of arbitrary code.
2) Some vulnerabilities in FreeType can potentially be exploited to compromise a user's system.
For more information:
SA34723
3) Some vulnerabilities in libpng can potentially be exploited to compromise a user's system.
For more information:
SA33970
4) An error in the processing of external entities in XML files can be exploited to read files from the user's system when a users visits a specially crafted web page.
5) An error in the handling of redirects when processing Extensible Stylesheet Language Transformations (XSLT) can be exploited to disclose XML content from other web sites.
6) An error in the XSL "document()" function can be exploited to read files from other security zones, including the user's system.
7) An error in WebKit in the handling of Javascript contexts can be exploited to conduct cross-site scripting attacks, allowing e.g. to spoof content of a web site that is navigated to.
8) An error exists in WebKit when executing JavaScript code which sets a certain property of an HTML tag. This can be exploited to free child elements of the HTML tag and subsequently reference the freed memory when an HTML error is encountered.
Successful exploitation of this vulnerability may allow execution of arbitrary code.
9) An error when handling calls to the CSS "attr" function can be exploited to access an uninitialised pointer and potentially execute arbitrary code.
10) An error in the handling of "file:" URLs can be exploited to read local files and disclose potentially sensitive information.
Other vulnerabilities have also been reported of which some may also affect Safari version 3.x.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
