ID

VAR-201205-0398

CVE

CVE-2012-0676

TITLE

Apple Safari of WebKit Vulnerabilities entered in form fields

DESCRIPTION

WebKit in Apple Safari before 5.1.7 does not properly track state information during the processing of form input, which allows remote attackers to fill in form fields on the pages of arbitrary web sites via unspecified vectors. WebKit is prone to a security-bypass vulnerability. This issue allows a maliciously crafted website to populate form inputs on another website with arbitrary values. Attackers can exploit this issue to bypass security restrictions. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A security bypass vulnerability exists in WebKit in Apple Safari version 5.1.7. ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Apple Safari Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47292 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47292/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47292 RELEASE DATE: 2012-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/47292/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47292/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47292 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system. 1) Some vulnerabilities are caused due to a bundled vulnerable version of WebKit. This is related to: SA48321 SA48454 (#3) SA48512 (#7) 2) An error related to stage tracking when handling forms can be exploited to populate forms on other websites. The vulnerabilities are reported in versions prior to 5.1.7. SOLUTION: Update to version 5.1.7. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 2) The vendor credits Tyler Goen, Andreas \xc5kre Solberg, UNINETT AS, and Aaron Roots, Deakin University ITSD. ORIGINAL ADVISORY: http://support.apple.com/kb/HT5282 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-05-09-2 Safari 5.1.7 Safari 5.1.7 is now available and addresses the following: WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: Multiple cross-site scripting issues existed in WebKit. CVE-ID CVE-2011-3046 : Sergey Glazunov working with Google's Pwnium contest CVE-2011-3056 : Sergey Glazunov WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in WebKit. CVE-ID CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome Security Team WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later Impact: A maliciously crafted website may be able to populate form inputs on another website with arbitrary values Description: A state tracking issue existed in WebKit's handling of forms. This update presents the option to install an updated version of Flash Player from the Adobe website. Safari 5.1.7 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/ Safari for OS X Lion v10.7.4 The download file is named: Safari5.1.7LionManual.dmg Its SHA-1 digest is: 5024eb2e358feb6b87d6eff15438bf7ae99619b4 Safari for Mac OS X v10.6.8 The download file is named: Safari5.1.7SnowLeopardManual.dmg Its SHA-1 digest is: 32d1dca993b455bc5c230caef95ab70c702e6fee Safari for Windows 7, Vista or XP The download file is named: SafariSetup.exe Its SHA-1 digest is: f601df0106987bfffc3f22b046ba835e4f8d29c6 Safari for Windows 7, Vista or XP from the Microsoft Choice Screen The download file is named: Safari_Setup.exe Its SHA-1 digest is: 193eaddae1d25dd1b0f8786a810de083fc9280b0 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQEcBAEBAgAGBQJPqtgCAAoJEGnF2JsdZQeeIvQIAIIbdrlsjYRAiMAEK/o4QwkF M4EIDhqpDPnjDFBcT39vqapEPt4btYp0x+464bNRyU9ex4bY7NGPzaKTS/bdcnXJ BbpmR8rFluCRZ3AIyFSYPvKImsoyp5IZ91lTIxes1E4j+ed1diXEpLlt8Pp4K3Fc w2hao+KBKYCUKcjy49whKC0+6jnQWPoP7lPl9gjVyM/fky4K2J/F2c2saXHTDS9l L3CU4+0jA6INzY2NN2j3jdSZgglLgRcDvF3dAriNhW0Wlyd6ucuTxULbC1cS0mRs w4stMTnMzdgKsy13kE2tBQAf3rguM1PzlJAlOZMw9Ad/O6lU+8uaJ8AmBygVpq4= =x2Jz -----END PGP SIGNATURE-----

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

input validation

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Andreas Akre Solberg of UNINETT AS, Aaron Roots of Deakin University ITSD, Tyler Goe

SOURCES

LAST UPDATE DATE

2025-04-11T21:57:36.367000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE