Apple Safari for Mac OS X Multiple Vulnerabilities
Last Update Date:
27 Jul 2012 13:57
Release Date:
27 Jul 2012
5018
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Apple Safari for Mac OS X, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose sensitive information, bypass certain security restrictions, and compromise a user's system.
- An error when handling "feed:" URLs can be exploited to conduct cross-site scripting attacks.
- An access control error within the handling of the "feed:" URLs can be exploited to upload arbitrary files to a server by tricking the user to visiting a malicious site.
- An error within the autocomplete feature can be exploited to bypass the attribute and autocomplete passwords.
- An error when handling the HTTP "Content-Disposition" header can be exploited to open an attachment without showing the "Open" dialog prompt and conduct cross-site scripting attacks.
- Multiple errors exist due to a bundled vulnerable version of WebKit.
- Multiple errors in the WebKit component can be exploited to execute arbitrary code.
- A cross-origin error in the WebKit component when handling drag and drop events can be exploited to bypass the same-origin policy and disclose certain text by tricking the user into visiting a malicious website.
- A cross-origin error in the WebKit component when handling drag and drop events can be exploited to bypass the same-origin policy and disclose certain files by tricking the user into visiting a malicious website.
- A cross-origin error in the WebKit component when handling CSS property values can be exploited to bypass the same-origin policy and disclose certain information by tricking the user into visiting a malicious website.
- An error exists within the cross-origin policy when parenting pop-up windows.
- A cross-origin error can be exploited to disclose the iFrame fragment ID.
- An error within the International Domain Name (IDN) support feature can be exploited to spoof a URL containing look-alike characters and trick a user into visiting a malicious website.
- An error within the WebKit component when handling drag and drop events can be exploited to disclose filesystem path of certain files.
- A canonicalization error within the handling of URLs can be exploited to conduct cross-site scripting attacks via a specially crafted "location.href" property.
- An error when handling WebSockets can be exploited to conduct HTTP request splitting attacks.
- An error within the history handling can be exploited to spoof the URL bar.
- An error exists within the WebProcess and can be exploited to bypass the sandbox restrictions.
- An error when handling SVG images can be exploited to disclose the contents of arbitrary memory locations
Impact
- Cross-Site Scripting
- Security Restriction Bypass
- Information Disclosure
- Spoofing
System / Technologies affected
- Safari versions prior to 6.0 on OS X Lion version 10.7.4 and OS X Lion Server version 10.7.4.
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to Safari version 6.0 via Apple Software Update.
Vulnerability Identifier
- CVE-2011-2845
- CVE-2011-3016
- CVE-2011-3021
- CVE-2011-3027
- CVE-2011-3032
- CVE-2011-3034
- CVE-2011-3035
- CVE-2011-3036
- CVE-2011-3037
- CVE-2011-3038
- CVE-2011-3039
- CVE-2011-3040
- CVE-2011-3041
- CVE-2011-3042
- CVE-2011-3043
- CVE-2011-3044
- CVE-2011-3050
- CVE-2011-3053
- CVE-2011-3059
- CVE-2011-3060
- CVE-2011-3064
- CVE-2011-3067
- CVE-2011-3068
- CVE-2011-3069
- CVE-2011-3071
- CVE-2011-3073
- CVE-2011-3074
- CVE-2011-3075
- CVE-2011-3076
- CVE-2011-3078
- CVE-2011-3081
- CVE-2011-3086
- CVE-2011-3089
- CVE-2011-3090
- CVE-2011-3426
- CVE-2011-3913
- CVE-2011-3924
- CVE-2011-3926
- CVE-2011-3958
- CVE-2011-3966
- CVE-2011-3968
- CVE-2011-3969
- CVE-2011-3971
- CVE-2012-0678
- CVE-2012-0679
- CVE-2012-0680
- CVE-2012-0682
- CVE-2012-0683
- CVE-2012-1520
- CVE-2012-1521
- CVE-2012-2815
- CVE-2012-3589
- CVE-2012-3590
- CVE-2012-3591
- CVE-2012-3592
- CVE-2012-3593
- CVE-2012-3594
- CVE-2012-3595
- CVE-2012-3596
- CVE-2012-3597
- CVE-2012-3599
- CVE-2012-3600
- CVE-2012-3603
- CVE-2012-3604
- CVE-2012-3605
- CVE-2012-3608
- CVE-2012-3609
- CVE-2012-3610
- CVE-2012-3611
- CVE-2012-3615
- CVE-2012-3618
- CVE-2012-3620
- CVE-2012-3625
- CVE-2012-3626
- CVE-2012-3627
- CVE-2012-3628
- CVE-2012-3629
- CVE-2012-3630
- CVE-2012-3631
- CVE-2012-3633
- CVE-2012-3634
- CVE-2012-3635
- CVE-2012-3636
- CVE-2012-3637
- CVE-2012-3638
- CVE-2012-3639
- CVE-2012-3640
- CVE-2012-3641
- CVE-2012-3642
- CVE-2012-3644
- CVE-2012-3645
- CVE-2012-3646
- CVE-2012-3650
- CVE-2012-3653
- CVE-2012-3655
- CVE-2012-3656
- CVE-2012-3661
- CVE-2012-3663
- CVE-2012-3664
- CVE-2012-3665
- CVE-2012-3666
- CVE-2012-3667
- CVE-2012-3668
- CVE-2012-3669
- CVE-2012-3670
- CVE-2012-3674
- CVE-2012-3678
- CVE-2012-3679
- CVE-2012-3680
- CVE-2012-3681
- CVE-2012-3682
- CVE-2012-3683
- CVE-2012-3686
- CVE-2012-3689
- CVE-2012-3690
- CVE-2012-3691
- CVE-2012-3693
- CVE-2012-3694
- CVE-2012-3695
- CVE-2012-3696
- CVE-2012-3697
Source
Related Link
Share with