Mac OS X : Safari < 6.1.3 / 7.0.3 Multiple Vulnerabilities

High

Synopsis

The remote host contains a web browser that is affected by multiple security vulnerabilities.

Description

The remote Mac OS X host has Safari installed that is older than 6.1.3 or 7.0.3, and is thus unpatched for the following WebKit vulnerabilities:

- Unspecified errors exist that could allow memory corruption, application crashes and possibly arbitrary code execution. (CVE-2013-2871, CVE-2013-2926, CVE-2013-2928, CVE-2013-6625, CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, CVE-2014-1294, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1301, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1713)

- An error exists related to IPC messages and 'WebProcess' that could allow an attacker to read arbitrary files. (CVE-2014-1297)

Solution

Update to Safari 7.0.3, or 6.1.3 as appropriate, or later versions if available.