icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Safari < 5.1.7 Multiple Vulnerabilities

High

Synopsis

The remote host contains a web browser that is affected by several vulnerabilities.

Description

The remote host has Safari installed.

Versions of Safari earlier than 5.1.7 are reportedly affected by several issues :

- Two unspecified errors that can allow malicious sites to perform cross-site scripting attacks. (CVE-2011-3046, CVE-2011-3056)

- An unspecified memory corruption error exists that can allows malicious sites to crash the application or potentially execute arbitrary code. (CVE-2012-0672)

- A state-tracking issue exists that can allow malicious sites to populate HTML form values of other sites with arbitrary data. (CVE-2012-0676)

Solution

Upgrade to Safari 5.1.7 or later.