X
Business
Home Business Enterprise Software

Apple plugs code execution, phishing holes in Safari browser

Apple has released Safari 4.0.3 to fix at least six security vulnerabilities that put Mac and Windows users at risk of hacker attacks.
Written by Ryan Naraine, Contributor

safarismbrowser.png
Apple has released Safari 4.0.3 to fix at least six security vulnerabilities that put Mac and Windows users at risk of hacker attacks.

The update is considered highly-critical and should be immediately applied on both Windows and Mac systems because of the risk of information disclosure, phishing and remote code execution attacks.

Here's a snapshot of the vulnerabilities being fixed:

  • CVE-2009-2468 (Windows XP and Vista) -- A heap buffer overflow exists in the drawing of long
  • text strings. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
  • CVE-2009-2188 (Windows XP and Vista) -- A buffer overflow exists in the handling of EXIF metadata. Viewing a maliciously crafted image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
  • CVE-2009-2196 (Mac OS X, Windows XP and Vista) -- Safari 4 introduced the Top Sites feature to provide an at-a-glance view of a user's favorite websites. It is possible for a malicious website to promote arbitrary sites into the Top Sites view through automated actions. This could be used to facilitate a phishing attack.
  • CVE-2009-2195 (Mac OS X, Windows XP and Vista) -- A buffer overflow exists in WebKit's parsing of floating point numbers. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
  • CVE-2009-2200 (Mac OS X, Windows XP and Vista) -- WebKit allows the pluginspage attribute of the 'embed' element to reference file URLs. Clicking "Go" in the dialog that appears when an unknown plug-in type is referenced will redirect to the URL listed in the pluginspage attribute. This may allow a remote attacker to launch file URLs in Safari, and lead to the disclosure of sensitive information. This update addresses the issue by restricting the pluginspage URL scheme to http or https.
  • CVE-2009-2199 (Mac OS X, Windows XP and Vista) -- The International Domain Name (IDN) support and Unicode fonts embedded in Safari could be used to create a URL which contains look-alike characters. These could be used in a malicious website to direct the user to a spoofed site that visually appears to be a legitimate domain. This update addresses the issue by supplementing
  • WebKit's list of known look-alike characters. Look-alike characters are rendered in Punycode in the address bar.

The new browser version is available via the Apple Software Update application or Apple's Safari download site.

Editorial standards
Show Comments

Related

The AGM Pad P2 tablet.

I did not expect this $170 Android tablet to be as impressive as it is

Makita Impact XPS Mag Boost and a set of Wera Screw Grippers

My 2 must-have tools to make DIY projects a lot less frustrating (and they're cheap)

Best Buy Essentials TV antenna review | Best TV antenna

The best indoor TV antenna you can buy: Expert tested