Apple Safari Multiple Vulnerabilities
Last Update Date:
7 Jun 2013
Release Date:
6 Jun 2013
4019
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Apple Safari, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
- Some vulnerabilities are caused due to a bundled vulnerable version of WebKit.
- An unspecified error in WebKit can be exploited to execute arbitrary code.
- An error related to iframe handling can be exploited to conduct cross-site scripting attacks.
- An unspecified error related to the XSS Auditor can be exploited to bypass certain security restrictions and e.g. alter the behavior of forms.
Impact
- Cross-Site Scripting
- Remote Code Execution
- Security Restriction Bypass
- Spoofing
System / Technologies affected
- Versions prior to 6.0.5
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 6.0.5.
Vulnerability Identifier
- CVE-2013-0879
- CVE-2013-0926
- CVE-2013-0991
- CVE-2013-0992
- CVE-2013-0993
- CVE-2013-0994
- CVE-2013-0995
- CVE-2013-0996
- CVE-2013-0997
- CVE-2013-0998
- CVE-2013-0999
- CVE-2013-1000
- CVE-2013-1001
- CVE-2013-1002
- CVE-2013-1003
- CVE-2013-1004
- CVE-2013-1005
- CVE-2013-1006
- CVE-2013-1007
- CVE-2013-1008
- CVE-2013-1009
- CVE-2013-1010
- CVE-2013-1011
- CVE-2013-1012
- CVE-2013-1013
- CVE-2013-1023
Source
Related Link
Share with