BugTraq
APPLE-SA-2013-04-16-1 Safari 6.0.4 Apr 16 2013 08:35PM
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-04-16-1 Safari 6.0.4

Safari 6.0.4 is now available and addresses the following:

WebKit
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.3
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: An invalid cast issue existed in the handling of SVG
files. This issue was addressed through improved type checking.
CVE-ID
CVE-2013-0912 : Nils and Jon from MWR Labs working with HP
TippingPoint's Zero Day Initiative

For OS X Lion systems Safari 6.0.3 is available via
the Apple Software Update application.

For OS X Mountain Lion systems Safari 6.0.3 is included with
OS X v10.8.3.

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJRbOeOAAoJEPefwLHPlZEwksAP/Ri4p48A5xqlZjpsEjoHc6Zf
rIm01xAyqsVUg85leD5NP+8yqvEFV52FEG1sONslOFbnRz62RPWZsOtPs0sIrfYR
svRiCdXrB9nHW6NkrtXuEAAzFZl1VQ5Wu5ojWJU5VNrcW+Idml0eV9ktp5V5mSH1
dy+airv3xYGJt+35JttKTgKEPFLcU5uSxssEQb4SlTBDdCZFBV/+nbcDh0t1sapB
aS9iZnzbEh/mapMzkxMy7PBV3GGgu/bkTziSk5jV6G9WNaRUzKHrJgbIYkV1wDn0
lom7tyozkU+1P/XRYOJsdk+8Z8b9Zy6eihsvMgnWh7vBqSRHO1v6MTkIgkNQe64i
MQsmPbo3AuPq0EgKrUWHwO86OSy1J9lKiqsPCrGul05VhRAsTLTn1RiKAN20PsQH
XQKog9Nfk1yNrL+ONSlYB13w56QKDzzXmwWFRHBrwfMxH/YDICDPkLJumsOSS0SL
nuz9hfNCD7tKUg2/3JV2RVf94xa66Zli3j524VG54s19aBrUqx1cbqDBvAl9lyJY
hCijZUklOGYI0RPbP86dv1NdUdBN5dOT2foqlrGQU83ppvTO1sNC8NNFe+81RhkV
QXweNwnYMcW7183xz2Xenh4+oihzpg2dcn2FNlmu+utMMX7P+6ed9nYLbpR1FlEp
z4SkKyISyJ+dYYK/o0J5
=Vj0q
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus