RETIRED: Apple Safari Prior to 5.1.1 Multiple Security Vulnerabilities

Safari is prone to multiple security vulnerabilities that have been addressed in Apple security advisory APPLE-SA-2011-10-12-4. These issues affect versions prior to Safari 5.1.1 running on Apple Mac OS X, Windows 7, XP, and Vista.

Attackers can exploit these issues by enticing an unsuspecting user into visiting a malicious webpage. Successful attacks may result in a bypass of intended security protections, or remote code execution.

This BID is being retired. The following individual records exist to better document the issues:

50162 Apple Safari CVE-2011-3230 'file://' Remote Code Execution Vulnerability
50163 Apple Safari 'safari-extension://' URL Handling Directory Traversal Vulnerability
50169 Apple Safari SSL Certificates Handling (CVE-2011-3231) Remote Code Execution Vulnerability
50180 WebKit Private Browsing Security Bypass Vulnerability


Privacy Statement
Copyright 2010, SecurityFocus