SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Web Browser)  >   Apple Safari Vendors:   Apple
Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information
SecurityTracker Alert ID:  1027307
SecurityTracker URL:  http://securitytracker.com/id/1027307
CVE Reference:   CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3913, CVE-2012-0678, CVE-2012-0679, CVE-2012-0680, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-2815, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3599, CVE-2012-3600, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3615, CVE-2012-3618, CVE-2012-3620, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3650, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3674, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3686, CVE-2012-3689, CVE-2012-3690, CVE-2012-3691, CVE-2012-3693, CVE-2012-3694, CVE-2012-3695, CVE-2012-3696, CVE-2012-3697   (Links to External Site)
Date:  Jul 26 2012
Impact:   Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 6.0
Description:   Multiple vulnerabilities were reported in Apple Safari. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can conduct cross-site scripting attacks. A remote user can conduct HTTP response splitting attacks. A remote user can spoof URLs. A remote user can obtain potentially sensitive information.

A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system [CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3913, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3599, CVE-2012-3600, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3615, CVE-2012-3618, CVE-2012-3620, CVE-2012-3625,
CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641,
CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669,
CVE-2012-3670, CVE-2012-3674, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3686] . The code will run with the privileges of the target user.

A remote user can cause arbitrary scripting code to be executed by the target user's browser [CVE-2012-0678, CVE-2012-2815, CVE-2012-3695]. The code will run in the security context of an arbitrary site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

A remote user can create specially crafted HTML that, when loaded by the target user, will cause files on the target user's system to be sent to a remote server [CVE-2012-0679].

Some password input elements may be autocompleted even if the site specifies that autocomplete be disabled [CVE-2012-0680].

A remote user can create specially crafted HTML that, when loaded by the target user, will exploit a flaw in processing SVG images to obtain memory contents [CVE-2012-3650].

When the target user drags and drops selected text on a specially crafted web page, the web page can obtain information from other domains [CVE-2012-3689] or files from the target user's system [CVE-2012-3690].

A remote user can submit a specially crafted URL to cause the target server to return a split response [CVE-2012-3696]. A remote user can exploit this to spoof content on the target server, attempt to poison any intermediate web caches, or conduct cross-site scripting attacks.

A remote user can create specially crafted HTML that, when loaded by the target user, will exploit a flaw in the processing of CSS property values to obtain information from a different site [CVE-2012-3691].

A remote user can create a URL with specially crafted characters to spoof a domain name in the address bar [CVE-2012-3693].

A user can drag and drop a file to Safari to cause the filesystem path to be disclosed to remote users [CVE-2012-3694].

An application can exploit an access control flaw to escape the sandbox and access files with the privileges of the target user [CVE-2012-3697].

miaubiz, Arthur Gerkis, Masato Kinugawa, Aaron Sigel of vtty.com, Dan Poltawski of Moodle, Apple Product Security, Dave Mandelin of Mozilla, Martin Barbella of the Google Chrome Security Team, Jose A. Vazquez of spa-s3c.blogspot.com (via iDefense VCP), Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt, and Dan Boneh of the Stanford University Security Laboratory, Skylined of the Google Chrome Security Team, Abhishek Arya of Google Chrome Security Team, David Levin of the Chromium development community, Cris Neckar of the Google Chrome Security team, Stephen Chenney of the Chromium development community, Slawomir Blazek, Julien Chaffraix of the Chromium development community, Thomas Sepez of the Chromium development community, Trevor Squires of propaneapp.com, Chris Leary of Mozilla, Adam Barth of the Google Chrome Security Team, wushi of team509 (via iDefense VCP), Robin Cao of Torch Mobile (Beijing), David Bloom of Cue, Matt Cooley of Symantec, Daniel Cheng of Google, Masato Kinugawa, and David Belcher of the BlackBerry Security Incident Response Team reported these vulnerabilities.

Impact:   A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can access the target user's cookies (including authentication cookies), if any, associated with an arbitrary site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

A remote user can create a URL that, when loaded by the target user, will cause arbitrary content to be displayed.

A remote user may be able to poison any intermediate web caches with arbitrary content.

A remote user can obtain potentially sensitive information.

Solution:   The vendor has issued a fix (6.0), available via the Apple Software Update application.

The vendor's advisory is available at:

http://support.apple.com/kb/HT5400

Vendor URL:  support.apple.com/kb/HT5400 (Links to External Site)
Cause:   Access control error, Boundary error, Input validation error
Underlying OS:  UNIX (macOS/OS X)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Sep 13 2012 (Apple Issues Fix for iTunes) Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information
Apple has issued a fix for iTunes for Windows.
Sep 26 2012 (Apple Issues Fix for Apple TV) Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information
Apple has issued a fix for Apple TV.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC