Risks
Advisories
Browse
or
or
Apple Product Security - Safari 6.0.2 (APPLE-SA-2012-11-01-2)
APPLE-SA-2012-11-01-2 Safari 6.0.2

Safari 6.0.2 is now available and addresses the following:

WebKit
Available for:  OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.2
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  A time of check to time of use issue existed in the
handling of JavaScript arrays. This issue was addressed through
additional validation of JavaScript arrays.
CVE-ID
CVE-2012-3748 : Joost Pol and Daan Keuper of Certified Secure working
with HP TippingPoint's Zero Day Initiative

WebKit
Available for:  OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.2
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  A use after free issue existed in the handling of SVG
images. This issue was addressed through improved memory handling.
CVE-ID
CVE-2012-5112 : Pinkie Pie working with Google's Pwnium 2 contest


For OS X Lion systems Safari 6.0.2 is available via
the Apple Software Update application.

For OS X Mountain Lion systems Safari 6.0.2 is available via
Mac App Store.

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/




Spotlight

Behavioral analysis and information security

Posted on 22 September 2014.  |  In this interview, Kevin Watkins, Chief Architect at Appthority, talks about the benefits of using behavioral analysis in information security and how behavioral analysis can influence the evolution of security technologies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //