You are here

V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code

March 18, 2013 - 1:53am

Addthis

PROBLEM:

Apple Safari Bugs Let Remote Users Execute Arbitrary Code

PLATFORM:

Version(s): prior to 6.0.3

ABSTRACT:

Two vulnerabilities were reported in Apple Safari.

REFERENCE LINKS:

Apple security update, Article: HT1222
SecurityTracker Alert ID:  1028292
CVE-2013-0960
CVE-2013-0961

IMPACT ASSESSMENT:

Medium

DISCUSSION:

A remote user can create specially crafted HTML that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

IMPACT:

A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

SOLUTION:

Update to a fixed version (6.0.3).

Addthis