Apple Safari for Windows Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 23 Jun 2008 4708 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilities have been identified in Apple Safari, which could be exploited by remote attackers to disclose sensitive information or compromise a vulnerable system.

1. Due to an error when handling BMP and GIF images, which could cause an out-of-bounds memory read, leading to the disclosure of memory contents.

2. Due to an error when handling files that are downloaded from a website which is in an Internet Explorer 7 zone with the "Launching applications and unsafe files" setting set to "Enable", or in the Internet Explorer 6 "Local intranet" or "Trusted sites" zone, which could cause Safari to automatically launch executable files.

3. Due to a memory corruption error in WebKit when handling certain JavaScript arrays, which could be exploited to crash an affected browser or execute arbitrary code.

Impact

  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Apple Safari for Windows versions prior to 3.1.2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to Apple Safari for Windows version 3.1.2 :
http://www.apple.com/support/downloads/safari312forwindows.html

Vulnerability Identifier

Source

Related Link

Share with

Previous

Mozilla Firefox Unspecified Remote Code Execution Vulnerability

20 Jun 2008 4630 Views

Next

HP-UX CIFS Server Multiple Vulnerabilities

25 Jun 2008 4740 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY