V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks

June 5, 2013 - 1:05am

PROBLEM:

Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks

PLATFORM:

Apple Safari prior to 6.0.5

ABSTRACT:

Several vulnerabilities were reported in Apple Safari.

REFERENCE LINKS:

Apple Article: HT5785
SecurityTracker Alert ID: 1028627
CVE-2013-0926
CVE-2013-1009
CVE-2013-1012
CVE-2013-1013
CVE-2013-1023

IMPACT ASSESSMENT:

Medium

DISCUSSION:

A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system [CVE-2013-1009, CVE-2013-1023]. The code will run with the privileges of the target user.

A remote user can create specially crafted HTML that, when loaded by a target user, will cause arbitrary scripting code to be executed by the target user's browser in the security context of an arbitrary site [CVE-2013-1012]. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

The copying and pasting of specially crafted HTML may permit cross-site scripting attacks [CVE-2013-0926].

A remote user can create specially crafted HTML that, when loaded by a target user, will cause arbitrary scripting code to be executed by the target user's browser in the security context of an arbitrary site [CVE-2013-1013].

IMPACT:

A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can access the target user's cookies (including authentication cookies), if any, associated with an arbitrary site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

SOLUTION:

The vendor has issued a fix (6.0.5).