Apple Safari Security Issue and Multiple Vulnerabilities

Last Update Date: 19 Sep 2014 16:40 Release Date: 19 Sep 2014 3324 Views

RISK: Medium Risk

Medium Risk

TYPE: Clients - Browsers

TYPE: Browsers

A security issue and multiple vulnerabilities have been identified in Apple Safari, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.

  1. The application does not properly restrict password autofill functionality for untrusted websites, which can be exploited to disclose saved passwords via e.g. Man-in-the-Middle (MitM) attacks.
  2. A use-after-free error exists when handling SVG images.
  3. Multiple unspecified errors exist in WebKit, which can be exploited to cause memory corruption.

Note: Additionally a weakness related to HTML 5 cache data access when using private browsing exists.

Impact

  • Information Disclosure

System / Technologies affected

  • Versions prior to 6.2 and 7.1.

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 6.2 or 7.1.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apple iOS Security Issue and Multiple Vulnerabilities

19 Sep 2014 3316 Views

Next

Cisco IOS XR Multiple Denial of Service Vulnerabilities

23 Sep 2014 2994 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY