|
Systems Affected
Apple Safari prior to version 6.2.4 , 7.1.4, 8.0.4
Threat Level
Overview
Multiple vulnerabilities have been reported in the Apple Safari which could allow remote attacker to execute arbitrary code with elevated privileges on targeted system or cause a denial of service (memory corruption and application crash).
Description
These vulnerabilities are caused due to a memory corruption error in the WebKit component in Apple Safari. Remote attackers could exploit these vulnerability by enticing users to open a specially crafted HTML, upon loading it could trigger a memory corruption error in the WebKit component and could allow execution of arbitrary code on the targeted system. Such vulnerabilities could also allow remote attackers to exploit victims interface inconsistency to misrepresent or spoof URLs.
Successful exploitation of these vulnerabilities could allow remote attackers to gain access to sensitive information or to conduct phishing attacks.
Impact
Solution/ Workarounds
Upgrade to Apple Safari 6.2.4 , 7.1.4 , 8.0.4
https://support.apple.com/en-us/HT204560
References
http://www.cert-in.org.in/
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
|
