---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Apple Safari Multiple Vulnerabilities SECUNIA ADVISORY ID: SA36269 VERIFY ADVISORY: http://secunia.com/advisories/36269/ DESCRIPTION: Some vulnerabilities and a weakness have been reported in Apple Safari, which can be exploited by malicious people to manipulate certain data, disclose sensitive information, conduct spoofing attacks, or compromise a user's system. 1) An error within font glyph rendering in CoreGraphics can be exploited to cause a heap-based buffer overflow e.g. when a user visits a specially crafted web site. Successful exploitation may allow execution of arbitrary code. 2) A boundary error in ImageIO when processing EXIF metadata can be exploited to cause a buffer overflow and potentially execute arbitrary code via a specially crafted image. 3) An error in the Top Sites feature can be exploited to place a web site in the Top Sites view when a user visits a specially crafted web page. 4) An error in WebKit within the parsing of floating point numbers can be exploited to cause buffer overflows when a user visits a specially crafted web page. Successful exploitation may allow execution of arbitrary code. 5) An error in WebKit in the handling of the "pluginspage" attribute of the "embed" element can be exploited to reference file URLs. This can be exploited to disclose sensitive information when a user clicks on "Go" in the dialog for unknown plug-in types. 6) An error in the handling of IDN (International Domain Name) support can be exploited to spoof a URL via e.g. a domain containing certain international characters that resemble other commonly used characters. SOLUTION: Update to version 4.0.3. PROVIDED AND/OR DISCOVERED BY: 3) Inferno of SecureThoughts.com The vendor credits: 1) Will Drewry, Google Inc 5) Alexios Fakos, n.runs AG 6) Chris Weber, Casaba Security, LLC CHANGELOG: 2009-08-12: Added link to "Original Advisory" section. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3733 securethoughts.com: http://securethoughts.com/2009/08/hijacking-safari-4-top-sites-with-phish-bombs/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------