Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Safari < 6.2 / 7.1 Multiple Vulnerabilities

High

Synopsis

The remote host contains a web browser that is affected by multiple security vulnerabilities.

Description

The remote host has Safari installed that is older than 6.2 or 7.1, and is thus unpatched for the following WebKit vulnerabilities :

- Saved passwords and incorrect automatic filling of HTML forms contain an error that could be leveraged to obtain sensitive information. (CVE-2014-4363) - Multiple memory corruption errors exist in WebKit that could potentially be leveraged for arbitrary code execution. (CVE-2013-6663, CVE-2014-4410, CVE-2014-4411, CVE-2014-4412, CVE-2014-4413, CVE-2014-4414, CVE-2014-4415) - HTML5 application cache data handling with WebKit that allows the disclosure of sensitive information from private browsing sessions. (CVE-2014-4409)

Solution

Upgrade to Safari 7.1 or later. If version 7.x is not available, version 6.2 is also patched for these issues.