Languages

Archived - About the security content of Safari 3 Beta Update 3.0.4

This article has been archived and is no longer updated by Apple.

This document describes the security content of Safari 3 Beta Update 3.0.4 for Microsoft Windows XP or Vista.

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

For information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."

Where possible, CVE IDs are used to reference the vulnerabilities for further information.

To learn about other Security Updates, see "Apple Security Updates."

Safari 3 Beta Update 3.0.4

  • Safari

    CVE-ID: CVE-2007-4692

    Available for: Windows XP or Vista

    Impact: An issue in Safari Tabbed browsing may lead to the disclosure of user credentials

    Description: An implementation issue exists in the Tabbed browsing feature of Safari. If HTTP authentication is used by a site being loaded in a tab other than the active tab, an authentication sheet may be displayed although the tab and its corresponding page are not visible. The user may consider the sheet to come from the currently active page, which may lead to the disclosure of user credentials. This update addresses the issue through improved handling of authentication sheets. Credit to Michael Roitzsch of Technical University Dresden for reporting this issue.

  • Safari

    CVE-ID: CVE-2007-1351, CVE-2007-1352, CVE-2007-2754

    Available for: Windows XP or Vista

    Impact: Multiple vulnerabilities in FreeType v2.2.1

    Description: Multiple vulnerabilities exist in FreeType v2.2.1, the most serious of which may lead to arbitrary code execution. This update addresses the issue by updating FreeType to version 2.3.5. Further information is available via the FreeType site at http://www.freetype.org/

  • WebCore

    CVE-ID: CVE-2007-3758

    Available for: Windows XP or Vista

    Impact: Visiting a malicious website may lead to cross-site scripting

    Description: A cross-site scripting issue in Safari allows malicious websites to set JavaScript window properties of websites served from a different domain. By enticing a user to visit a maliciously crafted web page, an attacker may be able to get or set the window status and location of pages served from other websites. This update addresses the issue by providing improved access controls on these properties. Credit to Michal Zalewski of Google Inc. for reporting this issue.

  • WebCore

    CVE-ID: CVE-2007-3760

    Available for: Windows XP or Vista

    Impact: Visiting a malicious website may lead to cross-site scripting

    Description: A cross-site scripting issue in Safari allows a malicious website to bypass the same origin policy by hosting embedded objects with javascript URLs. By enticing a user to visit a maliciously crafted web page, an attacker may cause the execution of JavaScript in the context of another site. This update addresses the issue by restricting the use of the javascript URL scheme and adding additional origin validation for these URLs. Credit to Michal Zalewski of Google Inc. and Secunia Research for reporting this issue.

  • WebCore

    CVE-ID: CVE-2007-3756

    Available for: Windows XP or Vista

    Impact: Visiting a malicious website may lead to the disclosure of URL contents

    Description: Safari may allow a web page to read the URL that is currently being viewed in its parent window. By enticing a user to visit a maliciously crafted web page, an attacker may be able to obtain the URL of an unrelated page. This update addresses the issue through an improved cross-domain security check. Credit to Michal Zalewski of Google Inc. and Secunia Research for reporting this issue.

  • WebKit

    CVE-ID: CVE-2007-4671

    Available for: Windows XP or Vista

    Impact: JavaScript on websites may access or manipulate the contents of documents served over HTTPS

    Description: An issue in Safari allows content served over HTTP to alter or access content served over HTTPS in the same domain. By enticing a user to visit a maliciously crafted web page, an attacker may cause the execution of JavaScript in the context of HTTPS web pages in that domain. This update addresses the issue by preventing JavaScript access from HTTP to HTTPS frames. Credit to Keigo Yamazaki of LAC Co., Ltd. (Little eArth Corporation Co., Ltd.) for reporting this issue.

  • WebKit

    CVE-ID: CVE-2007-4698

    Available for: Windows XP or Vista

    Impact: Visiting a malicious website may lead to cross-site scripting

    Description: Safari allows JavaScript events to be associated with the wrong frame. By enticing a user to visit a maliciously crafted web page, an attacker may cause the execution of JavaScript in the context of another site. This update addresses the issue by associating JavaScript events with the correct source frame.

  • WebKit

    CVE-ID: CVE-2007-4812

    Available for: Windows XP or Vista

    Impact: Visiting a malicious website may lead to arbitrary code execution

    Description: A buffer overflow exists in Safari's handling of the status bar. By enticing a user to visit a maliciously crafted web page, an attacker may cause arbitrary code execution. This update addresses the issue by re-implementing the status bar handling.

Last Modified: Feb 20, 2012
  • Last Modified: Feb 20, 2012
  • Article: TA25078
  • Views:

    null

Additional Product Support Information