ID: 3836
Date: 13/05/2009
Title: 3836 - APPLE-SA-2009-05-12 Safari 4 Public Beta Security Update
Platform level affected:Net Application - Client
Hardware components affected:Intel PC
Specific operating systems components affected: 32-bit Windows
Net-enabled software: Other
Security software:Other
Other software: Web Browser
Remediation Summary:Update your copy of the software with the download available from the supplier.
Vendors affected:Apple
Applications affected:Safari
Adversity source: Unknown
Attack Vector: Vulnerability exploitation
Virulence: Unknown
Warning Status: Active
Potential Damage: Remote execution/modification
Possible Duration: Open Ended
Availability of fix: Available
Type of fix: Patch
Source: www.apple.com
Reliability of source: Trusted
Source URL: http://www.apple.com/safari/download/
CVE: CVE-2008-3529, CVE-2009-0162, CVE-2009-0945
Abstract: Safari 4 Public Beta Security Update now available
APPLE-SA-2009-05-12 Safari 4 Public Beta Security Update
Safari 4 Public Beta Security Update is now available and addresses the following:
libxml
CVE-ID: CVE-2008-3529
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.7, Mac OS X Server v10.5.7, Windows XP or Vista
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in libxml's handling of long entity names. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
This update addresses the issue through improved bounds checking.
This issue is addressed in Safari 3.2.3.
Safari
CVE-ID: CVE-2009-0162
Available for: Mac OS X v10.5.7, Mac OS X Server v10.5.7, Windows XP or Vista
Impact: Accessing a maliciously crafted "feed:" URL may lead to arbitrary code execution
Description: Multiple input validation issues exist in Safari's handling of "feed:" URLs. Accessing a maliciously crafted "feed:" URL may lead to the execution of arbitrary JavaScript. This update addresses the issues by performing additional validation of "feed:"
URLs. These issues do not affect systems prior to Mac OS X v10.5.
These issues are addressed in Safari 3.2.3. Credit to Billy Rios and Microsoft Vulnerability Research (MSVR), and Alfredo Melloni for reporting these issues.
WebKit
CVE-ID: CVE-2009-0945
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.7, Mac OS X Server v10.5.7, Windows XP or Vista
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: A memory corruption issue exists in WebKit's handling of SVGList objects. Visiting a maliciously crafted website may lead to arbitrary code execution. This update addresses the issue through improved bounds checking. This issue is addressed in Safari 3.2.3.
Credit to Nils working with TippingPoint's Zero Day Initiative for reporting this issue.
Safari 4 Public Beta Security Update is available via the Apple Software Update application, or Apple's Safari download site at:
http://www.apple.com/safari/download/
Safari for Mac OS X v10.5.7
The download file is named: Safari4.0BetaSecUpdateLeo.dmg Its SHA-1 digest is: ebce612f58cd938a6f2033d449be2e1fd4ca51c6
Safari for Mac OS X v10.4.11
The download file is named: Safari4.0BetaSecUpdateTiger.dmg Its SHA-1 digest is: 7f8bf60d28343bb49c8c6995da4980947032ed0e
Safari for Windows XP or Vista
The download file is named: SafariSetup.exe Its SHA-1 digest is: 9d055956145d09003d1adf2e16dc98aa7c261c81
Safari+QuickTime for Windows XP or Vista
The file is named: SafariQuickTimeSetup.exe Its SHA-1 digest is: 666f8ed271700cfcaa0ddba533d5a949db22a2b9
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at:
https://www.apple.com/support/security/pgp/
This advisory contains information released by the original author. Some of the information may have changed since it was released. If the issue affects you, it may be prudent to retrieve the advisory from the site of the original source to ensure that you receive the most current information concerning that problem. Reference to any specific commercial product, process, or service by trade name, trademark manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by CPNI.
The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes. CPNI shall not accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this advisory.
CSIRTUK is a member of the Forum of Incident Response and Security Teams (FIRST) and has contacts with other international Incident Response Teams (IRTs) in order to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing amongst its members and the community at large.
Wed, 13 May 2009 00:00:00 GMT
Domain affected: Technical