Apple Safari Multiple Vulnerabilities
RISK: Medium Risk
Multiple vulnerabilitieshave been identified in Apple Safari, which could be exploited by attackers to disclose sensitive information, bypass security restrictions or compromise an affected system. These issues are caused by use-after-free, double free, integer truncation, heap overflow, memory corruption, uninitialized memory access, input validation and implementation errors in ColorSync and WebKit, which could be exploited by attackers to bypass certain security checks, gain knowledge of sensitive information or execute arbitrary code by tricking a user into visiting a specially crafted web page.
Impact
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Apple Safari versions prior to 5.0
- Apple Safari versions prior to 4.1
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Upgrade to Apple Safari version 5.0 or 4.1 :
http://www.apple.com/safari/download/
Vulnerability Identifier
- CVE-2009-1726
- CVE-2010-0544
- CVE-2010-1119
- CVE-2010-1384
- CVE-2010-1385
- CVE-2010-1388
- CVE-2010-1389
- CVE-2010-1390
- CVE-2010-1391
- CVE-2010-1392
- CVE-2010-1393
- CVE-2010-1394
- CVE-2010-1395
- CVE-2010-1396
- CVE-2010-1397
- CVE-2010-1398
- CVE-2010-1399
- CVE-2010-1400
- CVE-2010-1401
- CVE-2010-1402
- CVE-2010-1403
- CVE-2010-1404
- CVE-2010-1405
- CVE-2010-1406
- CVE-2010-1408
- CVE-2010-1409
- CVE-2010-1410
- CVE-2010-1412
- CVE-2010-1413
- CVE-2010-1414
- CVE-2010-1415
- CVE-2010-1416
- CVE-2010-1417
- CVE-2010-1418
- CVE-2010-1419
- CVE-2010-1421
- CVE-2010-1422
- CVE-2010-1749
- CVE-2010-1750
- CVE-2010-1758
- CVE-2010-1759
- CVE-2010-1761
- CVE-2010-1762
- CVE-2010-1764
- CVE-2010-1770
- CVE-2010-1771
- CVE-2010-1774
Source
Related Link
Share with