Smokey's Security Weblog

veritas odium parit

Multiple Highly Critical Vulnerabilities in Apple Safari 3.x for Windows and Mac OS X

Multiple highly critical vulnerabilities are reported in Apple Safari 3.x for Mac OS’s and Safari 3.x for Windows XP and Vista, it concern all versions prior to 3.2

Impact of the vulnerabilities

- Multiple vulnerabilities exist in zlib 1.2.2, the most serious of which may lead to a denial of service.
– Processing an XML document may lead to an unexpected application termination or arbitrary code execution.
– Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
– Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
– Viewing a large maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution.
– Viewing a maliciously crafted image may lead to an unexpected application termination or arbitrary code execution.
– Sensitive information may be disclosed to a local console user.
– Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
– Visiting a maliciously crafted website may lead to the disclosure of sensitive information.

Original Advisory: Apple

Vendor patches to close these vulnerabilities are available, please update to version 3.2 asap.

Downloads

Safari 3.2 for Windows: here
Safari 3.2 for Tiger: here
Safari 3.2 for Leopard: here

November 15, 2008 Posted by | Advisories, Alerts, Downloads, Friends, Malware, Recommended External Security Related Links, Uncategorized, Vulnerabilities | , , , , , , , , , | 1 Comment

   

Follow

Get every new post delivered to your Inbox.