Multiple Vulnerabilities in Apple Safari
Original Issue Date: July 25, 2018
Severity Rating: High
- Apple Safari versions prior to 11.1.2
Multiple vulnerabilities have been reported in Apple Safari which could be exploited by a remote attacker to spoof URLs in the address bar, exfiltrate audio, execute remote code or cause denial of service conditions.
Multiple vulnerabilities exist in Apple Safari due to improper handling of user-supplied input, multiple memory corruption issues, improper state management or cross-origin access error in various components within WebKit and Safari component. A remote attacker could exploit these vulnerabilities by persuading the user to open a specially crafted webpage.
Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code, spoof address bar, exfiltrate audio or cause denial of service conditions.
Apply appropriate security updates as mentioned in the Apple Security Updates
The information provided herein is on "as is" basis, without warranty of any kind.
Email: firstname.lastname@example.org Phone: +91-11-24368572
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003