SynopsisThe remote host contains a web browser that is affected by multiple security vulnerabilities.
DescriptionThe remote host has Safari installed that is older than 6.1.3 or 7.0.3, and is thus unpatched for the following WebKit vulnerabilities :
- Unspecified errors exist that could allow memory corruption, application crashes and possibly arbitrary code execution. (CVE-2013-2871, CVE-2013-2926, CVE-2013-2928, CVE-2013-6625, CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, CVE-2014-1294, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1301, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1713)
- An error exists related to IPC messages and 'WebProcess' that could allow an attacker to read arbitrary files. (CVE-2014-1297)
SolutionUpgrade to Safari 7.0.3 or later. If version 7.0.x is not available, version 6.1.3 has also been patched for these issues.