Skip to main content

Apple Safari Multiple Vulnerabilities

Last Update Date: 3 Apr 2014 09:11 Release Date: 3 Apr 2014 4050 Views

RISK: High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities have been identified in Apple Safari. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can bypass sandbox controls.

  1. A remote user can create specially crafted content that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system. The code will run with the privileges of the target user.
  2. A page running code in the WebProcess may be exploit an IPC message processing flaw to bypass sandbox restrictions and read arbitrary files on the target system.

Impact

  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Prior to versions 6.1.3 and 7.0.3

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • The vendor has issued a fix (6.1.3, 7.0.3).

Vulnerability Identifier


Source


Related Link