exploit the possibilities

Apple Security Advisory 2012-05-09-2

Apple Security Advisory 2012-05-09-2
Posted May 10, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-05-09-2 - Safari 5.1.7 is now available and addresses multiple WebKit related vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2011-3046, CVE-2011-3056, CVE-2012-0672, CVE-2012-0676
MD5 | e3c8d877a6f6c73bc4f2f1f2ff79350f

Apple Security Advisory 2012-05-09-2

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2012-05-09-2 Safari 5.1.7

Safari 5.1.7 is now available and addresses the following:

WebKit
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista,
XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: Multiple cross-site scripting issues existed in WebKit.
CVE-ID
CVE-2011-3046 : Sergey Glazunov working with Google's Pwnium contest
CVE-2011-3056 : Sergey Glazunov

WebKit
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista,
XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in WebKit.
CVE-ID
CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome
Security Team

WebKit
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista,
XP SP2 or later
Impact: A maliciously crafted website may be able to populate form
inputs on another website with arbitrary values
Description: A state tracking issue existed in WebKit's handling of
forms.
CVE-ID
CVE-2012-0676 : Andreas Akre Solberg of UNINETT AS, Aaron Roots of
Deakin University ITSD, Tyler Goen

Note: In addition, this update disables Adobe Flash Player if it
is older than 10.1.102.64 by moving its files to a new directory.
This update presents the option to install an updated version of
Flash Player from the Adobe website.


Safari 5.1.7 is available via the Apple Software Update
application, or Apple's Safari download site at:
http://www.apple.com/safari/download/

Safari for OS X Lion v10.7.4
The download file is named: Safari5.1.7LionManual.dmg
Its SHA-1 digest is: 5024eb2e358feb6b87d6eff15438bf7ae99619b4

Safari for Mac OS X v10.6.8
The download file is named: Safari5.1.7SnowLeopardManual.dmg
Its SHA-1 digest is: 32d1dca993b455bc5c230caef95ab70c702e6fee

Safari for Windows 7, Vista or XP
The download file is named: SafariSetup.exe
Its SHA-1 digest is: f601df0106987bfffc3f22b046ba835e4f8d29c6

Safari for Windows 7, Vista or XP from the Microsoft Choice Screen
The download file is named: Safari_Setup.exe
Its SHA-1 digest is: 193eaddae1d25dd1b0f8786a810de083fc9280b0

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)

iQEcBAEBAgAGBQJPqtgCAAoJEGnF2JsdZQeeIvQIAIIbdrlsjYRAiMAEK/o4QwkF
M4EIDhqpDPnjDFBcT39vqapEPt4btYp0x+464bNRyU9ex4bY7NGPzaKTS/bdcnXJ
BbpmR8rFluCRZ3AIyFSYPvKImsoyp5IZ91lTIxes1E4j+ed1diXEpLlt8Pp4K3Fc
w2hao+KBKYCUKcjy49whKC0+6jnQWPoP7lPl9gjVyM/fky4K2J/F2c2saXHTDS9l
L3CU4+0jA6INzY2NN2j3jdSZgglLgRcDvF3dAriNhW0Wlyd6ucuTxULbC1cS0mRs
w4stMTnMzdgKsy13kE2tBQAf3rguM1PzlJAlOZMw9Ad/O6lU+8uaJ8AmBygVpq4=
=x2Jz
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close