Apple released new versions of Safari June 7 with critical fixes for both Windows and Mac OS X users.
Many of the bugs addressed in Safari 4.1 and 5.0 can be exploited to remotely execute code. Several of the vulnerabilities impacted WebKit, the open-source browser engine behind Safari.
Here are some of the most serious bugs patched in the release:
⢠Safari (CVE-2010-1384) — Safari supports the inclusion of user information in URLs, which allows the URL to specify a username and password to authenticate the user to the named server. These URLs are often used to confuse users, which can potentially aid phishing attacks.
⢠Safari (CVE-2010-1385) — A use after free issue exists in Safari’s handling of PDF files. Visiting a maliciously crafted Website may lead to an unexpected application termination or arbitrary code execution.
⢠WebKit (CVE-2010-1392) — A use after free issue exists in WebKit’s rendering of HTML buttons. Visiting a maliciously crafted Website may lead to an unexpected application termination or arbitrary code execution.
⢠WebKit (CVE-2010-1422) — An implementation issue exists in WebKit’s handling of keyboard focus. If the keyboard focus changes during the processing of key presses, WebKit may deliver an event to the newly focused frame, instead of the frame that had focus when the key press occurred. A maliciously crafted Website may be able to manipulate a user into taking an unexpected action, such as initiating a purchase.
Safari 5.0 is provided for Mac OS X v10.5, Mac OS X v10.6 and Microsoft Windows systems, while Safari 4.1 is provided for Mac OS X v10.4 systems. Information about the rest of the bugs can be found here.
