Apple Safari Code Execution and Security Bypass Vulnerabilities

Multiple vulnerabilities have been identified in Apple Safari, which could be exploited by attackers to disclose sensitive information, bypass security restrictions, cause a denial of service or compromise an affected system.

1. A heap overflow error in CoreGraphics in the drawing of long text strings, which could be exploited to crash an affected browser or execute arbitrary code.

2. A buffer overflow error in ImageIO when handling EXIF metadata., which could be exploited to crash an affected browser or execute arbitrary code.

3. An error in the Top Sites feature, which could allow a malicious web site to promote arbitrary sites into the Top Sites view through automated actions.

4. A buffer overflow in WebKit when parsing floating point numbers, which could be exploited to crash an affected browser or execute arbitrary code.

5 An error in WebKit when handling the pluginspage attribute of the "embed" element, which could allow a remote attacker to launch file URLs in Safari, and lead to the disclosure of sensitive information.

6. An error within International Domain Name (IDN) support and Unicode fonts, which could allow a remote attacker to direct the user to a spoofed site that visually appears to be a legitimate domain.