Apple patches Safari arbitrary code execution vulnerabilities

Apple released new versions of their Safari browser – 6.1.6 and 7.0.6 – in which they fixed multiple memory corruption problems in Webkit.

Out of the seven distinct CVE-IDs, five of the bugs were found in-house and the other two are credited to an anonymous researcher and the Google Chrome Security Team.

By setting up a web site with the malicious code, an attacker could cause arbitrary code execution or a denial of service (memory corruption and application crash) on the client’s computer.

List of the related CVE-IDs:

CVE-2014-1384
CVE-2014-1385
CVE-2014-1386
CVE-2014-1387
CVE-2014-1388
CVE-2014-1389
CVE-2014-1390.

More about

Apple
browser
Safari
security update

Sponsored

Apple patches Safari arbitrary code execution vulnerabilities

Featured news

Sponsored

Don't miss