
Safari < 10.0.2 Multiple Vulnerabilities

Medium

Synopsis

The remote host has a web browser installed that is affected by multiple attack vectors.

Description

Versions of Safari prior to 10.0.2 are affected by multiple vulnerabilities:

- A flaw exists that allows a universal cross-site scripting (UXSS) attack. This flaw exists because the Safari Reader feature does not properly validate certain input before returning it to users. This may allow a context-dependent attacker to execute arbitrary script code in a user's browser session within the trust relationship between their browser and any website. (OSVDB 148669)
- An unspecified flaw exists that is triggered as certain input is not properly validated. With a specially crafted web page, a context-dependent attacker can corrupt memory and potentially execute arbitrary code. (OSVDB 148670, OSVDB 148671, OSVDB 148672, OSVDB 148676, OSVDB 148679, OSVDB 148680, OSVDB 148681, OSVDB 148682, OSVDB 148683, OSVDB 148684, OSVDB 148685, OSVDB 148686, OSVDB 148687, OSVDB 148688)
- An unspecified flaw exists that is triggered as certain input is not properly validated. With a specially crafted web page, a context-dependent attacker can potentially disclose memory contents. (OSVDB 148673, OSVDB 148674)
- An unspecified flaw exists that is triggered as certain input is not properly validated. With a specially crafted web page, a context-dependent attacker can potentially disclose certain user information. (OSVDB 148675)
- A use-after-free error exists in the handling of 'RenderObject' objects. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code. (OSVDB 148677)
- A use-after-free error exists in the handling of 'HTMLLabelElement' objects. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code. (OSVDB 148678)
- A flaw exists that is triggered when handling JavaScript prompts. With a specially crafted web page, a context-dependent attacker can disclose unspecified user information. (OSVDB 148689)
- A flaw exists related to use of uninitialized memory. With a specially crafted web page, a context-dependent attacker can potentially disclose memory contents. (OSVDB 148690)
- A flaw exists that is triggered when handling HTTP redirects. With specially crafted web contents, a context-dependent attacker can disclose unspecified user information. (OSVDB 148691)
- An unspecified flaw exists that is triggered as certain input is not properly validated. With a specially crafted web page, a context-dependent attacker can corrupt memory and potentially execute arbitrary code. (OSVDB 148692)

Solution

Upgrade to Safari version 10.0.2 or later.
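A version check implementing the "prior to 10.0.2" rule above, added here as an example and not the scanner's own plugin code; the parser, the 10.0.2 threshold handling and the constructed sample version strings are assumptions. On macOS the installed value is the CFBundleShortVersionString in Safari's Info.plist, which may carry a parenthesised build suffix that a plain string comparison would mishandle.

```python
import re
from typing import Tuple

FIXED_VERSION = "10.0.2"  # first Safari release not affected, per the advisory


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn a dotted version such as '10.0.1' into a tuple of ints.

    Only the leading dotted-integer part is used, so a build suffix like
    '10.0.1 (12602.2.14.0.7)' does not disturb the comparison.
    """
    m = re.match(r"\d+(?:\.\d+)*", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(p) for p in m.group(0).split("."))


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 as a < b, a == b, a > b.

    Missing components are padded with zeros so '10.0' == '10.0.0', and the
    numeric comparison makes '10.0.10' > '10.0.2' (string order would not).
    """
    pa, pb = parse_version(a), parse_version(b)
    n = max(len(pa), len(pb))
    pa += (0,) * (n - len(pa))
    pb += (0,) * (n - len(pb))
    return (pa > pb) - (pa < pb)


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is strictly older than the fixed one."""
    return compare_versions(installed, fixed) < 0


if __name__ == "__main__":
    # Constructed sample inputs (assumptions, not values from the advisory).
    samples = ["9.1.3", "10.0", "10.0.1 (12602.2.14.0.7)", "10.0.2", "10.0.10", "10.1"]
    for ver in samples:
        status = "VULNERABLE" if is_vulnerable(ver) else "not affected"
        print(f"Safari {ver!r}: {status} (fixed in {FIXED_VERSION})")
```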