Home / mailings

PDF

APPLE-SA-2008-06-30 Safari 3.1.2 for Mac OS X v10.4.11

Posted on 30 June 2008
Apple Security-announce

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2008-06-30 Safari 3.1.2 for Mac OS X v10.4.11

Safari 3.1.2 is now available for Mac OS X v10.4.11 and addresses the
following issue:

WebKit
CVE-ID: CVE-2008-2307
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue exists in WebKit's handling
of JavaScript arrays. Visiting a maliciously crafted website may lead
to an unexpected application termination or arbitrary code execution.
This update addresses the issue through improved bounds checking.
This issue is addressed in Safari 3.1.2 for Windows XP or Vista, and
also in systems running Mac OS X v10.5.4. Credit to James Urquhart
for reporting this issue.

Safari 3.1.2 for Mac OS X v10.4.11 is available via the Apple
Software Update application, or Apple's Safari download site at:
http://www.apple.com/safari/download/

The download file is named: "Safari312UpdTiger.dmg"
Its SHA-1 digest is: 92dcca834e790d719953a649aae6b28e92de4717

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

 

TOP