Apple Safari Multiple Vulnerabilities
Last Update Date:
28 Jan 2011
Release Date:
22 Nov 2010
5968
Views
RISK: Medium Risk
Multiple vulnerabilities have been identified in Apple Safari, which could be exploited by attackers to disclose sensitive information, bypass security restrictions or execute arbitrary code. These issues are caused by design errors, invalid casts, memory corruptions, uninitialized pointers and memory, integer overflows and underflows, use-after-free and cross-origin validation errors in WebKit, which could be exploited by attackers to gain knowledge of certain information, spoof the address in the location bar, or compromise a vulnerable system by convincing a user to visit a malicious web page.
Impact
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Apple Safari versions prior to 5.0.3
- Apple Safari versions prior to 4.1.3
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to Apple Safari version 5.0.3 or 4.1.3 :
http://www.apple.com/safari/download/
Vulnerability Identifier
- CVE-2010-1812
- CVE-2010-1813
- CVE-2010-1814
- CVE-2010-1815
- CVE-2010-1822
- CVE-2010-3116
- CVE-2010-3257
- CVE-2010-3259
- CVE-2010-3803
- CVE-2010-3804
- CVE-2010-3805
- CVE-2010-3808
- CVE-2010-3809
- CVE-2010-3810
- CVE-2010-3811
- CVE-2010-3812
- CVE-2010-3813
- CVE-2010-3816
- CVE-2010-3817
- CVE-2010-3818
- CVE-2010-3819
- CVE-2010-3820
- CVE-2010-3821
- CVE-2010-3822
- CVE-2010-3823
- CVE-2010-3824
- CVE-2010-3826
Source
Related Link
Share with