Summary
This host is installed with Apple Safari and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow local users to obtain sensitive user information, application termination or arbitrary code execution.
Impact Level: System/Application
Solution
Upgrade to Apple Safari version 6.1.1 or 7.0.1 or later, For updates refer to http://www.apple.com/support
Insight
Multiple flaws are due to,
- Unspecified memory corruption issues within webkit.
- An error related to origin tracking that can be exploited to autofill a form.
- A use-after-free error exists within webkit.
Affected
Apple Safari before version 6.1.1 and 7.x before version 7.0.1 on Mac OS X
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-5195, CVE-2013-5196, CVE-2013-5197, CVE-2013-5198, CVE-2013-5199, CVE-2013-5225, CVE-2013-5227, CVE-2013-5228 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apple Safari 'SRC' Remote Denial Of Service Vulnerability
- Apple Safari Webkit Multiple Vulnerabilities - May13 (Mac OS X)
- Adobe Reader Plugin Signature Bypass Vulnerability (Mac OS X)
- Apple Safari 'Webkit' Information Disclosure Vulnerability (Win)
- AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability