Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31492
HistoryDec 11, 2014 - 12:00 a.m.

APPLE-SA-2014-12-2-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1

2014-12-1100:00:00
vulners.com
63
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2014-12-3-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1

Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 is now available and
addresses the following:

WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10.1
Impact: Style sheets are loaded cross-origin which may allow for
data exfiltration
Description: An SVG loaded in an img element could load a CSS file
cross-origin. This issue was addressed through enhanced blocking of
external CSS references in SVGs.
CVE-ID
CVE-2014-4465 : Rennie deGraaf of iSEC Partners

WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10.1
Impact: Visiting a website that frames malicious content may lead to
UI spoofing
Description: A UI spoofing issue existed in the handling of
scrollbar boundaries. This issue was addressed through improved
bounds checking.
CVE-ID
CVE-2014-1748 : Jordan Milne

WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10.1
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2014-4452
CVE-2014-4459
CVE-2014-4466 : Apple
CVE-2014-4468 : Apple
CVE-2014-4469 : Apple
CVE-2014-4470 : Apple
CVE-2014-4471 : Apple
CVE-2014-4472 : Apple
CVE-2014-4473 : Apple
CVE-2014-4474 : Apple
CVE-2014-4475 : Apple

Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJUfjjSAAoJEBcWfLTuOo7t1PsP/j0H8iRJiPtYVwRly6mxyDrv
4Ji7sopCSNa96qcqn9jILbFTkthqaXE/vew2UdJgO5CSXqxcF50I9bUkPJyJBq4j
qGEu8a54pMteNSCtox1mwzZu8tcOArc//oQhMPhqSRkEvjVv2bsJdQ9bmc1QqHhP
HkJBN/HO8w5RvZ6o5PiitnOOwVOu2sEX80mI7eYKmRjl7AWMzVE6sER1boL+EyCW
4F5s9610J7KjpWh2QewhhefYPootah9JCKoybTrrba+hBESYtHuRwTTkay7cgMkd
J+a4xdjngl/ySFqOH7IhnnUD8Cs5UelHk7HlwqoGTxsaRjKnWlZ+1PqtE5buN7v+
SeZeYqeWwSJEeDis55dMIHuKmYl3XsAHU7405A8AW27YLh+ABrnZNctebHub3bJ8
BayfF1h1AHh1UohXnz7u6o9LKavmKzy1VoUiTBKbon+4mBILuj9MlJVXxCIq/8Sl
kmxKlE969d1Ij/6LeNKb/BZ9SYoEOdkgZdqO5BNNtsBgE17xm5yGuJeZyour5hSM
8a9FwRf9QjKD/xodIP0VtB/c53eUe1DRJNgwXkmC4K+7nslBexmzDOxs2bG2LXOU
z0aExXx0goTI5K14PRFE+hLVDOw0jNjp7K2EQAKSK9oKF1sR/tk2nqO/AduSArbe
bftlUMkfPwAuqhtNajQZ
=S2wI
-----END PGP SIGNATUREβ€”β€”

Related

securityvulns 14
nessus 30
openvas 14
kaspersky 2
prion 14
cve 14
ubuntucve 14
debiancve 1
freebsd 2
threatpost 1
debian 2
chrome 1
osv 1
ubuntu 2
fedora 5
mageia 1
gentoo 1
securityvulns
securityvulns
Apple Safari / Webkit multiple security vulnerabilities
2014-12-21 00:00:00
Apple TV multiple security vulnerabilities
2015-02-02 00:00:00
APPLE-SA-2015-01-27-1 Apple TV 7.0.3
2015-02-02 00:00:00
nessus
nessus
Safari < 6.2.2 / 7.1.2 / 8.0.2 Multiple Vulnerabilities
2015-01-27 00:00:00
Mac OS X : Apple Safari < 6.2.2 / 7.1.2 / 8.0.2 Multiple Vulnerabilities
2014-12-16 00:00:00
Safari < 6.2.1 / 7.1.1 / 8.0.1 Multiple Vulnerabilities
2015-03-04 00:00:00
openvas
openvas
Apple Safari 'Webkit' Multiple Vulnerabilities-01 Dec14 (Mac OS X)
2014-12-16 00:00:00
Apple Mac OS X Multiple Vulnerabilities-06 October-15
2015-10-29 00:00:00
Debian Security Advisory DSA 2939-1 (chromium-browser - security update)
2014-05-31 00:00:00
kaspersky
kaspersky
KLA10620 Multiple vulnerabilities in Apple iTunes
2015-06-30 00:00:00
KLA10007 Multiple vulnerabilities in Google Chrome
2014-05-20 00:00:00
prion
prion
Memory corruption
2014-12-10 21:59:00
Memory corruption
2014-12-10 21:59:00
Memory corruption
2014-12-10 21:59:00
cve
cve
CVE-2014-4468
2014-12-10 21:59:00
CVE-2014-4469
2014-12-10 21:59:00
CVE-2014-4466
2014-12-10 21:59:00
ubuntucve
ubuntucve
CVE-2014-4468
2014-12-10 00:00:00
CVE-2014-4474
2014-12-10 00:00:00
CVE-2014-4466
2014-12-10 00:00:00
debiancve
debiancve
CVE-2014-1748
2014-05-21 11:14:00
freebsd
freebsd
webkit -- UI spoof
2015-12-28 00:00:00
chromium -- multiple vulnerabilities
2014-05-20 00:00:00
threatpost
threatpost
Chrome 35 Fixes 23 Security Flaws
2014-05-20 14:11:21
debian
debian
[SECURITY] [DSA 2939-1] chromium-browser security update
2014-05-31 07:27:02
[SECURITY] [DSA 2939-1] chromium-browser security update
2014-05-31 07:27:02
chrome
chrome
Stable Channel Update
2014-05-20 00:00:00
osv
osv
chromium-browser - security update
2014-05-31 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2014-07-23 00:00:00
WebKitGTK+ vulnerabilities
2016-03-21 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: webkitgtk3-2.4.10-1.fc24
2016-03-27 00:38:22
[SECURITY] Fedora 23 Update: webkitgtk3-2.4.10-1.fc23
2016-03-21 01:53:49
[SECURITY] Fedora 22 Update: webkitgtk-2.4.10-1.fc22
2016-03-29 19:23:05
mageia
mageia
Updated webkit packages fix security vulnerability
2016-03-25 09:38:37
gentoo
gentoo
Chromium: Multiple vulnerabilities
2014-08-30 00:00:00
JSON
Related for SECURITYVULNS:DOC:31492
securityvulns14nessus30openvas14kaspersky2prion14cve14ubuntucve14debiancve1freebsd2threatpost1debian2chrome1osv1ubuntu2fedora5mageia1gentoo1