Safari < 6.2.8 / 7.1.8 / 8.0.8 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 8949
SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionVersions of Safari prior to 6.2.8 / 7.1.8 / 8.0.8 are reportedly affected by the following vulnerabilities :
- An unspecified flaw exists that allows an attacker to spoof UI elements by using crafted web pages. (CVE-2015-3729)
- Multiple memory corruption flaws exist in WebKit due to improper validation of user-supplied input. An attacker can exploit these, by using a crafted web page, to execute arbitrary code. (CVE-2015-3730, CVE-2015-3731, CVE-2015-3732, CVE-2015-3733, CVE-2015-3734, CVE-2015-3735, CVE-2015-3736, CVE-2015-3737, CVE-2015-3738, CVE-2015-3739, CVE-2015-3740, CVE-2015-3741, CVE-2015-3742, CVE-2015-3743, CVE-2015-3744, CVE-2015-3745, CVE-2015-3746, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749)
- A security policy bypass vulnerability exists in WebKit related to handling Content Security Policy report requests. An attacker can exploit this to bypass the HTTP Strict Transport Security policy. (CVE-2015-3750)
- A security policy bypass vulnerability exists in WebKit that allows websites to use video controls to load images nested in object elements in violation of Content Security Policy directives. (CVE-2015-3751)
- An information disclosure vulnerability exists in WebKit related to how cookies are added to Content Security Policy report requests, which results in cookies being exposed to cross-origin requests. Also, cookies set during regular browsing are sent during private browsing. (CVE-2015-3752)
- An information disclosure vulnerability exists in the WebKit Canvas component when images are called using URLs that redirect to a data:image resource. An attacker, using a malicious website, can exploit this to disclose image data cross-origin. (CVE-2015-3753)
- An information disclosure vulnerability exists in WebKit page loading where the caching of HTTP authentication credentials entered in private browsing mode were carried over into regular browsing, resulting in a user's private browsing history being exposed. (CVE-2015-3754)
- A flaw in the WebKit process model allows a malicious website to display an arbitrary URL, which can allow user interface spoofing. (CVE-2015-3755)
SolutionUpgrade to Safari 6.2.8 / 7.1.8 / 8.0.8 or later.