Skip to main content

Apple Safari Multiple Vulnerabilities

Last Update Date: 22 Jul 2011 12:12 Release Date: 22 Jul 2011 6556 Views

RISK: High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities have been identified in Apple Safari, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user's system.

  1. An error within CFNetwork when handling the "text/plain" content type can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
  2. An error within CFNetwork when using the NTLM authentication protocol can be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page.
  3. An error exists within CFNetwork when handling SSL certificates, which does not properly verify disabled root certificates. This can lead to certificates signed by the disabled root certificates being validated.
  4. An integer overflow error exists within the ColorSync component and CoreGraphics.
  5. An off-by-one error exists within the CoreFoundation framework.
  6. An error exists within ICU (International Components for Unicode).
  7. An error exists in ImageIO within the handling of TIFF files when handling certain uppercase strings.
  8. An error in ImageIO, libxml and WebKit can be exploited to cause a heap-based buffer overflow.
  9. A use-after-free error within WebKit when handling TIFF images, MathML markup tags, SVG tags and XHTML tags can result in an invalid pointer being dereferenced when a user views a specially crafted web page.
  10. An error within libxslt can be exploited to disclose certain addresses from the heap.
  11. An error in the "AutoFill web forms" feature can be exploited to disclose certain information from the user's Address Book by tricking a user into visiting a specially crafted web page.
  12. A cross-origin error when handling certain fonts in Java Applets can lead to certain text being displayed on other sites.
  13. Multiple unspecified errors in the WebKit component can be exploited to corrupt memory.
  14. An error within WebKit when handling libxslt configurations can be exploited to create arbitrary files.
  15. A cross-origin error when handling Web Workers can lead to certain information being disclosed.
  16. A cross-origin error when handling certain URLs containing a username and DOM nodes can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
  17. An error within the handling of DOM history objects can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.
  18. An error within the handling of RSS feeds may lead to arbitrary files from a user's system being sent to a remote server.
  19. A weakness in WebKit can lead to remote DNS prefetching