Описание
Multiple critical vulnerabilities have been found in Apple Safari. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, inject code, bypass security restrictions, spoof user interfaces or read local files. Below is a complete list of vulnerabilities
- Unknown vectors can be exploited via a specially designed web site;
- Improper handling of autocomoplete can be exploited remotely by leveraging workstations;
- Uninitialized memory access can be exploited remotely via a specially designed web site;
- Incomplete blacklists can be exploited remotely via homoglyphs;
- Improper drag-n-drop handling can be exploited remotely via a specially designed web-site;
- Improper CSS handling can be exploited remotely via a specially designed web site;
- CRLF injections can be exploited remotely via a specially designed web site;
- Improper ‘file:’ URL handling can be exploited remotely via a WebProcess compromise;
- XSS can be exploited remotely via a specially designed web site or ‘feed:’ URL;
- Unknown vectors can be exploited remotely via ‘feed:’ URLs.
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2012-3691 high
- CVE-2012-3690 warning
- CVE-2012-3626 critical
- CVE-2012-3627 critical
- CVE-2012-3636 critical
- CVE-2012-3653 critical
- CVE-2012-3655 critical
- CVE-2012-3656 critical
- CVE-2012-3615 critical
- CVE-2012-3693 critical
- CVE-2012-1520 critical
- CVE-2012-3609 critical
- CVE-2012-3650 warning
- CVE-2012-3593 critical
- CVE-2012-3589 critical
- CVE-2012-3603 critical
- CVE-2012-3605 critical
- CVE-2012-3604 critical
- CVE-2012-0680 critical
- CVE-2012-3667 critical
- CVE-2012-3696 warning
- CVE-2012-3694 warning
- CVE-2012-3695 warning
- CVE-2012-3629 critical
- CVE-2012-3640 critical
- CVE-2012-3608 critical
- CVE-2012-3599 critical
- CVE-2012-0678 warning
- CVE-2012-3635 critical
- CVE-2012-3634 critical
- CVE-2012-3625 critical
- CVE-2012-3645 critical
- CVE-2012-0683 critical
- CVE-2012-3663 critical
- CVE-2012-3596 critical
- CVE-2012-3594 critical
- CVE-2012-3620 critical
- CVE-2012-3611 critical
- CVE-2012-3670 critical
- CVE-2012-3597 critical
- CVE-2012-3600 critical
- CVE-2012-3633 critical
- CVE-2012-3678 critical
- CVE-2012-3679 critical
- CVE-2012-3628 critical
- CVE-2012-3637 critical
- CVE-2012-3674 critical
- CVE-2012-3639 critical
- CVE-2012-3610 critical
- CVE-2012-3618 critical
- CVE-2012-3591 critical
- CVE-2012-3592 critical
- CVE-2012-0679 warning
- CVE-2012-3641 critical
- CVE-2012-3595 critical
- CVE-2012-3697 high
- CVE-2012-3638 critical
- CVE-2012-3590 critical
- CVE-2012-3689 high
- CVE-2012-3661 critical
- CVE-2012-3631 critical
- CVE-2012-0682 critical
- CVE-2012-3668 critical
- CVE-2012-3669 critical
- CVE-2012-3664 critical
- CVE-2012-3665 critical
- CVE-2012-3666 critical
- CVE-2012-3683 critical
- CVE-2012-3646 critical
- CVE-2012-3686 critical
- CVE-2012-3642 critical
- CVE-2012-3630 critical
- CVE-2012-3644 critical
- CVE-2012-3682 critical
- CVE-2012-3680 critical
- CVE-2012-3681 critical
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!