Apple Security Advisory 2013-09-12-2 - Safari 5.1.10 is now available. Multiple memory corruption issues existed in JavaScriptCore's JSArray::sort() method. These issues were addressed through additional bounds checking.
dad50264ba84704a812b063a6db4caf4aa8ffcc67468560920131a15005a4899A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. This method accepts the user-defined JavaScript function and calls it from the native code to compare array items. If this compare function reduces array length, then the trailing array items will be written outside the "m_storage->m_vector[]" buffer, which leads to the heap memory corruption. This finding was purchased through the Packet Storm Bug Bounty program.
84bd76ba4dce1e485a3431a2c7bbd07c262e86f184ca05e0931fac224f9ab746A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. The exploit for this vulnerability is javascript code which shows how to use it for memory corruption of internal JS objects (Unit32Array and etc.) and subsequent arbitrary code execution (custom ARM/x64 payloads can be pasted into the JS code). This exploit affects Apple Safari version 6.0.1 for iOS 6.0 and OS X 10.7/8. Earlier versions may also be affected. It was obtained through the Packet Storm Bug Bounty program.
14c94c8c5cb510aa3236b42b9618aa54726915b4e116afea229961e936fb158dApple Security Advisory 2013-05-16-1 - iTunes 11.0.3 is now available and addresses multiple vulnerabilities. In versions prior to 11.0.3, an attacker in a privileged network position may manipulate HTTPS server certificates, leading to the disclosure of sensitive information and a man-in-the-middle attack is possible while browsing the iTunes Store via iTunes and may lead to an unexpected application termination or arbitrary code execution.
129669243b0bb2df5dce9d7152161d7c442f69bbbdf4f07f334021c9431610e2Apple Security Advisory 2012-11-29-1 - Apple TV 5.1.1 is now available and addresses information disclosure and code execution vulnerabilities.
caa20eb0d66851c61553ae776f1f9fa646d8aa08b83a087b6b2dc7fe2af9bedeApple Security Advisory 2012-11-01-2 - Safari 6.0.2 is now available and addresses multiple arbitrary code execution vulnerabilities.
8da82b760fa99acaf590f81a49c7fe3c1f426b36a77fd487b5dc79cad3d98fd3Apple Security Advisory 2012-11-01-1 - iOS 6.0.1 is now available and addresses an information disclosure issue, a Passbook bypass, an arbitrary code execution vulnerability, and more.
bb29a1d3c66440c76260fdaa5d43c43b2293e2d6e250d392f4373a39f3dd8dcd
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed