===================================================================== CERT-Renater Note d'Information No. 2014/VULN167 _____________________________________________________________________ DATE : 14/08/2014 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Safari versions prior to 6.1.6, 7.0.6. ====================================================================== http://support.apple.com/kb/HT1222 ______________________________________________________________________ APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6 Safari 6.1.6 and Safari 7.0.6 are now available and address the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2014-1384 : Apple CVE-2014-1385 : Apple CVE-2014-1386 : an anonymous researcher CVE-2014-1387 : Google Chrome Security Team CVE-2014-1388 : Apple CVE-2014-1389 : Apple CVE-2014-1390 : Apple For OS X Mavericks and OS X Mountain Lion systems, Safari 7.0.6 and Safari 6.1.6 may be obtained from Mac App Store. For OS X Lion systems Safari 6.1.6 is available via the Apple Software Update application. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ ========================================================= Serveur de référence du CERT-Renater https://services.renater.fr/ssi/ ========================================================== + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: cert@support.renater.fr + ==========================================================