Summary
This host is installed with Apple Safari
and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers
to conduct denial of service attack, arbitrary code execution and bypass the Same Origin Policy.
Impact Level: System/Application
Solution
Upgrade to Apple Safari version 6.2.1 or
7.1.1 or 8.0.1 or later, For updates refer to http://www.apple.com/support
Insight
Multiple flaws exists due to,
- Multiple unspecified memory corruption errors.
- An SVG loaded in an img element could load a CSS file cross-origin.
Affected
Apple Safari before version 6.2.1,
7.x before 7.1.1, and 8.x before 8.0.1 on Mac OS X.
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-4465, CVE-2014-4466, CVE-2014-4468, CVE-2014-4469, CVE-2014-4470, CVE-2014-4471, CVE-2014-4472, CVE-2014-4473, CVE-2014-4474, CVE-2014-4475 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Windows)
- Adobe AIR Multiple Vulnerabilities-01 Jun14 (Mac OS X)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Windows