Apple Safari Multiple Vulnerabilities - April 2011 (Mac OS X) Network Vulnerability

Summary

The host is installed with Apple Safari web browser and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to execute arbitrary code in the context of the browser. Impact Level: System/Application

Solution

Upgrade to Apple Safari version 5.0.5 or later, For updates refer to http://www.apple.com/safari/download/

Insight

Multiple flaws are due to - An integer overflow error in WebKit related to CSS 'style handling', nodesets, and a length value. - A use-after-free error within WebKit when handling WBR tags.

Affected

Apple Safari versions prior to 5.0.5

References

http://lists.apple.com/archives/security-announce/2011/Apr/msg00002.html
http://support.apple.com/kb/HT4596

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1290, CVE-2011-1344

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Windows)
Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Mac OS X)
Adobe Captivate Insecure Library Loading Vulnerability
Adobe Acrobat Sandbox Bypass Vulnerability - Aug14 (Windows)

Take action and discover your vulnerabilities