icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Safari < 6.1.3 / 7.0.3 Multiple Vulnerabilities

High

Synopsis

The remote host contains a web browser that is affected by multiple security vulnerabilities.

Description

The remote host has Safari installed that is older than 6.1.3 or 7.0.3, and is thus unpatched for the following WebKit vulnerabilities :

- Unspecified errors exist that could allow memory corruption, application crashes and possibly arbitrary code execution. (CVE-2013-2871, CVE-2013-2926, CVE-2013-2928, CVE-2013-6625, CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, CVE-2014-1294, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1301, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1713) - An error exists related to IPC messages and 'WebProcess' that could allow an attacker to read arbitrary files. (CVE-2014-1297)

Solution

Upgrade to Safari 7.0.3 or later. If version 7.0.x is not available, version 6.1.3 has also been patched for these issues.