Safari < 6.2 / 7.1 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 8395
SynopsisThe remote host contains a web browser that is affected by multiple security vulnerabilities.
DescriptionThe remote host has Safari installed that is older than 6.2 or 7.1, and is thus unpatched for the following WebKit vulnerabilities :
- Saved passwords and incorrect automatic filling of HTML forms contain an error that could be leveraged to obtain sensitive information. (CVE-2014-4363)
- Multiple memory corruption errors exist in WebKit that could potentially be leveraged for arbitrary code execution. (CVE-2013-6663, CVE-2014-4410, CVE-2014-4411, CVE-2014-4412, CVE-2014-4413, CVE-2014-4414, CVE-2014-4415)
- HTML5 application cache data handling with WebKit that allows the disclosure of sensitive information from private browsing sessions. (CVE-2014-4409)
SolutionUpgrade to Safari 7.1 or later. If version 7.x is not available, version 6.2 is also patched for these issues.