:: Deepquest ::

iDefense Security Advisory 03.21.11 -Remote exploitation of a memory corruption vulnerability in Apple Inc.’s OfficeImport framework could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing an Excel file with a certain maliciously constructed record.

Zero Day Initiative Advisory 11-109 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on the iPhone. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the support for parsing Office files.

Secunia Security Advisory – Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain scroll events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari.

Secunia Security Advisory – Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and spoofing attacks, and compromise a user’s system.

Secunia Security Advisory – Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and spoofing attacks, cause a DoS (Denial of Service), and compromise a vulnerable device.

Secunia Security Advisory – Apple has acknowledge a security issue and multiple vulnerabilities in Apple TV, which can be exploited by malicious people to disclose sensitive information, cause a Dos (Denial of Service), and potentially compromise a vulnerable system.

Secunia Security Advisory – Apple has acknowledge a security issue and multiple vulnerabilities in Apple TV, which can be exploited by malicious people to disclose sensitive information, cause a Dos (Denial of Service), and potentially compromise a vulnerable system.