Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

Multiple Vulnerabilities in Apple Safari

 

Systems Affected


Apple Safari prior to version 6.2.4 , 7.1.4, 8.0.4

Threat Level


High


Overview


Multiple vulnerabilities have been reported in the Apple Safari which could allow remote attacker to execute arbitrary code with elevated privileges on targeted system or cause a denial of service (memory corruption and application crash).


Description


These vulnerabilities are caused due to a memory corruption error in the WebKit component in Apple Safari. Remote attackers could exploit these vulnerability by enticing users to open a specially crafted HTML, upon loading it could trigger a memory corruption error in the WebKit component and could allow execution of arbitrary code on the targeted system. Such vulnerabilities could also allow remote attackers to exploit victims interface inconsistency to misrepresent or spoof URLs.

Successful exploitation of these vulnerabilities could allow remote attackers to gain access to sensitive information or to conduct phishing attacks.


Impact



Solution/ Workarounds


Upgrade to Apple Safari 6.2.4 , 7.1.4 , 8.0.4

https://support.apple.com/en-us/HT204560


References


http://www.cert-in.org.in/


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.