macOS : Apple Safari < 10.0.2 Multiple Vulnerabilities

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

A web browser installed on the remote macOS or Mac OS X host is
affected by multiple vulnerabilities.

Description :

The version of Apple Safari installed on the remote macOS or Mac OS X
host is prior to 10.0.2. It is, therefore, affected by multiple
vulnerabilities :

- Multiple remote code execution vulnerabilities exist in
WebKit due to improper validation of user-supplied
input and improper handling of objects in memory. An
unauthenticated, remote attacker can exploit these
vulnerabilities, by convincing a user to visit a
specially crafted website, to corrupt memory and execute
arbitrary code. (CVE-2016-4692, CVE-2016-7635,
CVE-2016-7652)

- Multiple information disclosure vulnerabilities exist
in WebKit due to improper validation of user-supplied
input. An unauthenticated, remote attacker can exploit
these, by convincing a user to visit a specially crafted
website, to disclose memory contents. (CVE-2016-4743,
CVE-2016-7656)

- An information disclosure vulnerability exists in WebKit
due to improper validation of user-supplied input. An
unauthenticated, remote attacker can exploit this, by
convincing a user to visit a specially crafted website,
to disclose user information. (CVE-2016-7586)

- Multiple remote code execution vulnerabilities exist in
WebKit due to improper validation of user-supplied
input and improper state management. An unauthenticated,
remote attacker can exploit these vulnerabilities, by
convincing a user to visit a specially crafted website,
to corrupt memory and execute arbitrary code.
(CVE-2016-7587, CVE-2016-7589:, CVE-2016-7610,
CVE-2016-7611, CVE-2016-7639, CVE-2016-7640,
CVE-2016-7641, CVE-2016-7642, CVE-2016-7645,
CVE-2016-7646, CVE-2016-7648, CVE-2016-7649,
CVE-2016-7654)

- An information disclosure vulnerability exists in WebKit
due to improper handling of JavaScript prompts. An
unauthenticated, remote attacker can exploit this, by
convincing a user to visit a specially crafted website,
to corrupt memory and execute arbitrary code.
(CVE-2016-7592)

- An information disclosure vulnerability exists in WebKit
due to the use of uninitialized memory. An
unauthenticated, remote attacker can exploit this, by
convincing a user to visit a specially crafted website,
to disclose memory contents. (CVE-2016-7598)

- An information disclosure vulnerability exists that is
triggered when handling HTTP redirections. An
unauthenticated, remote attacker can exploit this, by
convincing a user to visit a specially crafted website,
to disclose user information. (CVE-2016-7599)

- An information disclosure vulnerability exists in WebKit
due to improper validation of user-supplied input and
blob URLs. An unauthenticated, remote attacker can
exploit this, via a specially crafted blob URL, to
disclose user information. (CVE-2016-7623)

- A remote code execution vulnerability exists in WebKit
due to improper validation of user-supplied
input and improper state management. An unauthenticated,
remote attacker can exploit this, by convincing a user
to visit a specially crafted website, to cause a denial
of service condition or the execution of arbitrary code.
(CVE-2016-7632)

- A cross-site scripting (XSS) vulnerability exists in
Safari Reader due to improper validation of
user-supplied input. An unauthenticated, remote attacker
can exploit this, by convincing a user to follow a
specially crafted link, to execute arbitrary script code
in a user's browser session. (CVE-2016-7650)

See also :

https://support.apple.com/en-us/HT207421
http://www.nessus.org/u?df6b83c6

Solution :

Upgrade to Apple Safari version 10.0.2 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false