APPLE-SA-2010-09-07-1 Safari 5.0.2 and Safari 4.1.2

Posted on 07 September 2010
Apple Security-announce

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2010-09-07-1 Safari 5.0.2 and Safari 4.1.2

Safari 5.0.2 and Safari 4.1.2 are now available and address the
following:

Safari
CVE-ID: CVE-2010-1805
Available for: Windows 7, Vista, XP SP2 or later
Impact: Opening a file in a directory that is writable by other
users may lead to arbitrary code execution
Description: A search path issue exists in Safari. When displaying
the location of a downloaded file, Safari launches Windows Explorer
without specifying a full path to the executable. Launching Safari by
opening a file in a specific directory will include that directory in
the search path. Attempting to reveal the location of a downloaded
file may execute an application contained in that directory, which
may lead to arbitrary code execution. This issue is addressed by
using an explicit search path when launching Windows Explorer. This
issue does not affect Mac OS X systems. Credit to Simon Raner of
ACROS Security for reporting this issue.

WebKit
CVE-ID: CVE-2010-1807
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later,
Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: An input validation issue exists in WebKit's handling
of floating point data types. Visiting a maliciously crafted website
may lead to an unexpected application termination or arbitrary code
execution. This issue is addressed through improved validation of
floating point values. Credit to Luke Wagner of Mozilla for reporting
this issue.

WebKit
CVE-ID: CVE-2010-1806
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later,
Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: A use after free issue exists in WebKit's handling of
elements with run-in styling. Visiting a maliciously crafted website
may lead to an unexpected application termination or arbitrary code
execution. This issue is addressed through improved handling of
object pointers. Credit to wushi of team509, working with
TippingPoint's Zero Day Initiative for reporting this issue.


Safari 5.0.2 and Safari 4.1.2 address the same set of security
issues. Safari 5.0.2 is provided for Mac OS X v10.5, Mac OS X v10.6,
and Windows systems. Safari 4.1.2 is provided for
Mac OS X v10.4 systems.

Safari 5.0.2 is available via the Apple Software Update
application, or Apple's Safari download site at:
http://www.apple.com/safari/download/

Safari 4.1.2 is available via the Apple Software Update
application, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

Safari for Mac OS X v10.6.2 and later
The download file is named: Safari5.0.2SnowLeopard.dmg
Its SHA-1 digest is: 695730a04038240c340571abf62c08f1ad5a8a5c

Safari for Mac OS X v10.5.8
The download file is named: Safari5.0.2Leopard.dmg
Its SHA-1 digest is: 3b71a553b53b8c22e0f4f21842f500ef5d6ed0e7

Safari for Mac OS X v10.4.11
The download file is named: Safari4.1.2Tiger.dmg
Its SHA-1 digest is: 35aafd64b4a74115469bc83dc390857b896197a3

Safari for Windows 7, Vista or XP
The download file is named: SafariSetup.exe
Its SHA-1 digest is: f15e3570e80a50abc0e200895d0b0492abc38386

Safari for Windows 7, Vista or XP from the Microsoft Choice Screen
The download file is named: Safari_Setup.exe
Its SHA-1 digest is: a3418d1a4199bcc308c059b7c2caf14a20277ebb

Safari+QuickTime for Windows 7, Vista or XP
The file is named: SafariQuickTimeSetup.exe
Its SHA-1 digest is: 15f2482ace01924f89ded25f988458f58b5a4fa3

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
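
The search path issue described under CVE-2010-1805 above, as an added example that is not part of Apple's advisory and not Apple's code: a simplified Python model of how a bare executable name resolves when the working directory is searched first, beside the explicit-path form the advisory names as the fix. The directory layout, the helper names `resolve`, `explicit_path` and `demo`, and the reduced search order are assumptions made for illustration.

```python
import os
import tempfile


def resolve(name, working_dir, system_dirs):
    """Simplified model of a launcher's executable lookup (an assumption,
    not the full Windows search order): a bare name is searched for,
    working directory first; a name with a directory part is used as given."""
    if os.path.dirname(name):
        return name if os.path.isfile(name) else None
    for directory in [working_dir, *system_dirs]:
        candidate = os.path.join(directory, name)
        if os.path.isfile(candidate):
            return candidate
    return None


def explicit_path(name, trusted_dir):
    """Hardened form: anchor the executable to a trusted directory so that
    no search happens. Rejects names that carry their own path."""
    if os.path.basename(name) != name:
        raise ValueError("expected a bare file name")
    return os.path.join(trusted_dir, name)


def demo():
    """Build a constructed directory layout and return the directory each
    launch style resolves to, as (bare_name_dir, explicit_path_dir)."""
    with tempfile.TemporaryDirectory() as root:
        system_dir = os.path.join(root, "Windows")   # stands in for the OS directory
        shared_dir = os.path.join(root, "shared")    # writable by other users
        for directory in (system_dir, shared_dir):
            os.makedirs(directory)
            # Empty placeholder files; nothing is ever executed.
            open(os.path.join(directory, "explorer.exe"), "w").close()

        bare = resolve("explorer.exe", shared_dir, [system_dir])
        full = resolve(explicit_path("explorer.exe", system_dir),
                       shared_dir, [system_dir])
        return (os.path.basename(os.path.dirname(bare)),
                os.path.basename(os.path.dirname(full)))


if __name__ == "__main__":
    print(demo())
```

The same review question applies to any code that spawns a helper process: is the executable named by a full path, or left to a search that may include a directory other users can write to.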
