icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Safari < 6.1.2 / 7.0.2 Multiple Vulnerabilities

Medium

Synopsis

The remote host contains a web browser that is affected by multiple security vulnerabilities.

Description

The remote host has Safari installed that is older than 6.1.2 or 7.0.2, which means it is not patched for the following WebKit vulnerabilities :

- Unspecified memory-corruption vulnerabilities that could be leveraged to execute arbitrary code, or cause denial of service. (CVE-2014-1268, CVE-2014-1269, CVE-2014-1270) - Use-after-free error in the 'ReplaceSelectionCommand' file which can be leveraged to execute arbitrary code, or cause denial of service (CVE-2013-6635)

Solution

OS X Mavericks (v10.9) users should upgrade to 10.9.2, which includes the Safari 7.0.2 update. All others should upgrade to Safari 6.1.2 or later.