Zero Day Initiative Advisory 12-147 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the library attempts to replace a particular element due to an HTML5 ContentEditable command. Due to the library not accommodating for DOM mutation events that can be made to occur, an aggressor can modify the tree out from underneath the library, leading to a type change. This can be used to trigger a use-after-free condition at which point can lead to code execution under the context of the application.
760af7f903dcffc7c994f6ae84b2433bd35d6a3fcecf961d0e142117a41598e1Apple Security Advisory 2012-03-12-1 - Safari version 5.1.4 is now available and addresses 84 different vulnerabilities. This includes many fixes for WebKit related issues.
bc365007227c4580123163b3c91e0db846e682785546cac5b750dbdacd9d0a55Apple Security Advisory 2012-03-07-2 - iOS 5.1 Software Update is now available and addresses 81 vulnerabilities.
34048d7da394cc219fa8dc48de70abf8244a6ae7d398882cbeb4a40175ac988eApple Security Advisory 2012-03-07-1 - iTunes 10.6 is now available and addresses 72 vulnerabilities.
3188c99eb432c19008d932579fbe9d68dd7d9d636d0c2b977023272db310e3b0Gentoo Linux Security Advisory 201111-5 - Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 15.0.874.121 are affected.
57161b028a2eece67bf043d80846714b774a664d3a1dcec564d070df6893e1e4
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed