Kaspersky Threats

Description

Multiple critical vulnerabilities have been found in Apple Safari. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, inject code, bypass security restrictions, spoof user interfaces or read local files. Below is a complete list of vulnerabilities

Unknown vectors can be exploited via a specially designed web site;
Improper handling of autocomoplete can be exploited remotely by leveraging workstations;
Uninitialized memory access can be exploited remotely via a specially designed web site;
Incomplete blacklists can be exploited remotely via homoglyphs;
Improper drag-n-drop handling can be exploited remotely via a specially designed web-site;
Improper CSS handling can be exploited remotely via a specially designed web site;
CRLF injections can be exploited remotely via a specially designed web site;
Improper ‘file:’ URL handling can be exploited remotely via a WebProcess compromise;
XSS can be exploited remotely via a specially designed web site or ‘feed:’ URL;
Unknown vectors can be exploited remotely via ‘feed:’ URLs.

Original advisories

CVE list

CVE-2012-3691
high
CVE-2012-3690
warning
CVE-2012-3626
critical
CVE-2012-3627
critical
CVE-2012-3636
critical
CVE-2012-3653
critical
CVE-2012-3655
critical
CVE-2012-3656
critical
CVE-2012-3615
critical
CVE-2012-3693
critical
CVE-2012-1520
critical
CVE-2012-3609
critical
CVE-2012-3650
warning
CVE-2012-3593
critical
CVE-2012-3589
critical
CVE-2012-3603
critical
CVE-2012-3605
critical
CVE-2012-3604
critical
CVE-2012-0680
critical
CVE-2012-3667
critical
CVE-2012-3696
warning
CVE-2012-3694
warning
CVE-2012-3695
warning
CVE-2012-3629
critical
CVE-2012-3640
critical
CVE-2012-3608
critical
CVE-2012-3599
critical
CVE-2012-0678
warning
CVE-2012-3635
critical
CVE-2012-3634
critical
CVE-2012-3625
critical
CVE-2012-3645
critical
CVE-2012-0683
critical
CVE-2012-3663
critical
CVE-2012-3596
critical
CVE-2012-3594
critical
CVE-2012-3620
critical
CVE-2012-3611
critical
CVE-2012-3670
critical
CVE-2012-3597
critical
CVE-2012-3600
critical
CVE-2012-3633
critical
CVE-2012-3678
critical
CVE-2012-3679
critical
CVE-2012-3628
critical
CVE-2012-3637
critical
CVE-2012-3674
critical
CVE-2012-3639
critical
CVE-2012-3610
critical
CVE-2012-3618
critical
CVE-2012-3591
critical
CVE-2012-3592
critical
CVE-2012-0679
warning
CVE-2012-3641
critical
CVE-2012-3595
critical
CVE-2012-3697
high
CVE-2012-3638
critical
CVE-2012-3590
critical
CVE-2012-3689
high
CVE-2012-3661
critical
CVE-2012-3631
critical
CVE-2012-0682
critical
CVE-2012-3668
critical
CVE-2012-3669
critical
CVE-2012-3664
critical
CVE-2012-3665
critical
CVE-2012-3666
critical
CVE-2012-3683
critical
CVE-2012-3646
critical
CVE-2012-3686
critical
CVE-2012-3642
critical
CVE-2012-3630
critical
CVE-2012-3644
critical
CVE-2012-3682
critical
CVE-2012-3680
critical
CVE-2012-3681
critical

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!

Multiple vulnerabilities in Apple Safari

Description

Original advisories

Related products

CVE list

Read more