Apple Safari Multiple Vulnerabilities
Last Update Date:
22 Jul 2011 12:12
Release Date:
22 Jul 2011
6556
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Apple Safari, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user's system.
- An error within CFNetwork when handling the "text/plain" content type can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
- An error within CFNetwork when using the NTLM authentication protocol can be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page.
- An error exists within CFNetwork when handling SSL certificates, which does not properly verify disabled root certificates. This can lead to certificates signed by the disabled root certificates being validated.
- An integer overflow error exists within the ColorSync component and CoreGraphics.
- An off-by-one error exists within the CoreFoundation framework.
- An error exists within ICU (International Components for Unicode).
- An error exists in ImageIO within the handling of TIFF files when handling certain uppercase strings.
- An error in ImageIO, libxml and WebKit can be exploited to cause a heap-based buffer overflow.
- A use-after-free error within WebKit when handling TIFF images, MathML markup tags, SVG tags and XHTML tags can result in an invalid pointer being dereferenced when a user views a specially crafted web page.
- An error within libxslt can be exploited to disclose certain addresses from the heap.
- An error in the "AutoFill web forms" feature can be exploited to disclose certain information from the user's Address Book by tricking a user into visiting a specially crafted web page.
- A cross-origin error when handling certain fonts in Java Applets can lead to certain text being displayed on other sites.
- Multiple unspecified errors in the WebKit component can be exploited to corrupt memory.
- An error within WebKit when handling libxslt configurations can be exploited to create arbitrary files.
- A cross-origin error when handling Web Workers can lead to certain information being disclosed.
- A cross-origin error when handling certain URLs containing a username and DOM nodes can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
- An error within the handling of DOM history objects can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.
- An error within the handling of RSS feeds may lead to arbitrary files from a user's system being sent to a remote server.
- A weakness in WebKit can lead to remote DNS prefetching
Impact
- Cross-Site Scripting
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
- Spoofing
- Data Manipulation
System / Technologies affected
- Safari 5.0.6
- Safari 5.1
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 5.1 or 5.0.6.
Vulnerability Identifier
- CVE-2010-1383
- CVE-2010-1420
- CVE-2010-1823
- CVE-2011-0164
- CVE-2011-0195
- CVE-2011-0200
- CVE-2011-0201
- CVE-2011-0202
- CVE-2011-0204
- CVE-2011-0206
- CVE-2011-0214
- CVE-2011-0215
- CVE-2011-0216
- CVE-2011-0217
- CVE-2011-0218
- CVE-2011-0219
- CVE-2011-0221
- CVE-2011-0222
- CVE-2011-0223
- CVE-2011-0225
- CVE-2011-0232
- CVE-2011-0233
- CVE-2011-0234
- CVE-2011-0235
- CVE-2011-0237
- CVE-2011-0238
- CVE-2011-0240
- CVE-2011-0241
- CVE-2011-0242
- CVE-2011-0244
- CVE-2011-0253
- CVE-2011-0254
- CVE-2011-0255
- CVE-2011-0981
- CVE-2011-0983
- CVE-2011-1107
- CVE-2011-1109
- CVE-2011-1114
- CVE-2011-1115
- CVE-2011-1117
- CVE-2011-1121
- CVE-2011-1188
- CVE-2011-1190
- CVE-2011-1203
- CVE-2011-1204
- CVE-2011-1288
- CVE-2011-1293
- CVE-2011-1295
- CVE-2011-1296
- CVE-2011-1449
- CVE-2011-1451
- CVE-2011-1453
- CVE-2011-1457
- CVE-2011-1462
- CVE-2011-1774
- CVE-2011-1797
Source
Related Link
Share with