Apple Safari Webkit Multiple Vulnerabilities - May 12 (Windows) Network Vulnerability

Summary

The host is installed with Apple Safari web browser and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attacker to conduct cross site scripting attacks, bypass certain security restrictions, and compromise a user's system. Impact Level: Application

Solution

Upgrade to Apple Safari version 5.1.7 or later, For updates refer to http://www.apple.com/support/downloads/

Insight

The flaws are due to - Multiple cross site scripting and memory corruption issues in webkit. - A state tracking issue existed in WebKit's handling of forms.

Affected

Apple Safari versions prior to 5.1.7 on Windows

References

http://lists.apple.com/archives/security-announce/2012/May/msg00002.html
http://secunia.com/advisories/47292/
http://support.apple.com/kb/HT5282

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3046, CVE-2011-3056, CVE-2012-0672, CVE-2012-0676

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Mac OS X)
Adobe Air Multiple Vulnerabilities - November12 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
Active Perl Locale::Maketext Module Multiple Code Injection Vulnerabilities (Windows)

Take action and discover your vulnerabilities