Apple Safari Webkit Multiple Vulnerabilities - May 12 (Mac OS X) Network Vulnerability

Summary

The host is installed with Apple Safari web browser and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attacker to conduct cross site scripting attacks, bypass certain security restrictions, and compromise a user's system. Impact Level: Application

Solution

Upgrade to Apple Safari version 5.1.7 or later, For updates refer to http://www.apple.com/support/downloads/

Insight

The flaws are due to - Multiple cross site scripting and memory corruption issues in webkit. - A state tracking issue existed in WebKit's handling of forms.

Affected

Apple Safari versions prior to 5.1.7 on Mac OS X

References

http://lists.apple.com/archives/security-announce/2012/May/msg00002.html
http://secunia.com/advisories/47292/
http://support.apple.com/kb/HT5282

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3046, CVE-2011-3056, CVE-2012-0672, CVE-2012-0676

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Sandbox Bypass Vulnerability - Aug14 (Windows)
Adobe AIR Security Bypass Vulnerability Jan14 (Windows)
Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Mac OS X)
Adobe Air Remote Code Execution Vulnerability -June13 (Mac OS X)
Adobe Air Remote Code Execution Vulnerability -June13 (Windows)

Take action and discover your vulnerabilities