• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
APPLE-SA-2013-03-14-2 Safari 6.0.3
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

APPLE-SA-2013-03-14-2 Safari 6.0.3


  • Subject: APPLE-SA-2013-03-14-2 Safari 6.0.3
  • From: Apple Product Security <email@hidden>
  • Date: Thu, 14 Mar 2013 14:02:07 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-03-14-2 Safari 6.0.3

Safari 6.0.3 is now available and addresses the following:

WebKit
Available for:  OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.2
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2012-2824 : miaubiz
CVE-2012-2857 : Arthur Gerkis
CVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security
Team
CVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security
Team
CVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security
Team
CVE-2013-0951 : Apple
CVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security
Team
CVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security
Team
CVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the
Google Chrome Security Team
CVE-2013-0955 : Apple
CVE-2013-0956 : Apple Product Security
CVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security
Team
CVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security
Team
CVE-2013-0960 : Apple
CVE-2013-0961 : wushi of team509 working with iDefense VCP

WebKit
Available for:  OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.2
Impact:  Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description:  A cross-site scripting issue existed in the handling of
frame elements. This issue was addressed through improved origin
tracking.
CVE-ID
CVE-2012-2889 : Sergey Glazunov

WebKit
Available for:  OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.2
Impact:  Copying and pasting content on a malicious website may lead
to a cross-site scripting attack
Description:  A cross-site scripting issue existed in the handling of
content pasted from a different origin. This issue was addressed
through additional validation of pasted content.
CVE-ID
CVE-2013-0962 : Mario Heiderich of Cure53

For OS X Lion systems Safari 6.0.3 is available via
the Apple Software Update application.

For OS X Mountain Lion systems Safari 6.0.3 is included with
OS X v10.8.3.

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJRQBJQAAoJEPefwLHPlZEwj8MP/0dgfaWcn1PZL/BJWaCiBHFn
/FLQX83+8v+KexkQY4j1DxvlnrIT6ufAuAZV1VHOzWHhDngwt7EWzPUhT8o8FygE
7qWzamv47n/u2PfMmjNqTivBkEx6PchF1Hlny9cu6xY41NzKsYeQKiIwMJWGAojj
huYz31K/YKG/mx1AaS0eVSn7Ypevpq9j7QmnvS6ojQm+b7jKCmpHRlnTSDLRshST
QzWo/Do5fcavT9gPqVVm1qag+QzvKTMa6ZK7IDEsnHil1aA3T94taR0AJLVtYzrv
zeB8ZJyKNC2ols5QnNknJeqwpTkijaUoRkoZkG/HLGA4OT9PKXRWUoBxpvxGjj6W
bixIKYGItWEm5DndatgdDdpKXIlAIf1nMKNmjdDq3C0TYi4bTR6jkcRC8LL+2MrZ
ZZdjXdzjmm4PTJpXaIxL7IiaMy1j4Hy+EpciUVZ0sDHGQ+pBgv7QBPKym+g56VNB
o48bFGYbyGyDX2Jiag17rLxlh25qZ6YU2ZDsdFs+dXOgg+VX+sU31O94cOa07whH
6k3916hAGRaE4E+sQZYyHdWzgosk1J5Fj2aN6OGzrjYOxNH4ZiNvzmloruGFQKBx
fhDw8HUijO6eFfhqBEkGm/9rp99SobXBo4A13S6lAbu9x/hQ7WyzC86T03JcoQlu
f08mcBxZvJYFFXVgWg6x
=SOkH
-----END PGP SIGNATURE-----
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

  • Prev by Date: APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001
  • Next by Date: APPLE-SA-2013-03-19-1 iOS 6.1.3
  • Previous by thread: APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001
  • Next by thread: APPLE-SA-2013-03-19-1 iOS 6.1.3
  • Index(es):
    • Date
    • Thread