Safari < 6.2.4 / 7.1.4 / 8.0.4 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 8695
SynopsisThe remote host is missing a critical Safari patch update.
DescriptionThe version of Safari installed on the remote host is prior to 6.2.4 / 7.1.4 / 8.0.4, and is affected by multiple memory corruption vulnerabilities in WebKit due to improperly validated user-supplied input. A remote attacker, using a specially crafted website, can exploit these to execute arbitrary code. (CVE-2015-1068, CVE-2015-1069, CVE-2015-1070, CVE-2015-1071, CVE-2015-1072, CVE-2015-1073, CVE-2015-1074, CVE-2015-1075, CVE-2015-1076, CVE-2015-1077, CVE-2015-1078, CVE-2015-1079, CVE-2015-1080, CVE-2015-1081, CVE-2015-1082, CVE-2015-1083)
A flaw exists related to user interface inconsistency that allows an attacker to conduct phishing attacks by spoofing the URL. (CVE-2015-1084)
SolutionUpgrade to Safari 6.2.4 / 7.1.4 / 8.0.4 or later.