Apple Safari Webkit Multiple Vulnerabilities - June13 (Mac OS X) Network Vulnerability

Summary

The host is installed with Apple Safari web browser and is prone to multiple vulnerabilities.

Impact

Successful exploitation will let the attackers to execute arbitrary HTML or web script, bypass certain security restrictions and or cause a denial of service. Impact Level: Application

Solution

Upgrade to Apple Safari version 6.0.5 or later, For updates refer to http://www.apple.com/support/downloads

Insight

Multiple flaws due to unspecified error in WebKit, XSS Auditor while handling iframe.

Affected

Apple Safari versions prior to 6.0.5 on Mac OS X

References

http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html
http://seclists.org/bugtraq/2013/Jun/23
http://secunia.com/advisories/53711
http://support.apple.com/kb/HT5785
http://www.osvdb.com/93916

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1009, CVE-2013-1012, CVE-2013-1013, CVE-2013-1023

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)
Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)
Asterisk SIP REGISTER Response Username Enumeration Vulnerability
Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)
Adobe Flash Media Server Video Stream Capture Security Issue

Take action and discover your vulnerabilities