
Secunia Security Advisory 43832

Posted by deepcore under Apple, exploit, iphone, OSX security tools, Security (No Respond)

Secunia Security Advisory – A vulnerability has been reported in Apple iPhone iOS, which can be exploited by malicious people to compromise a vulnerable device.


Apple HFS+ Information Disclosure

Posted by deepcore under Apple, exploit, OSX security tools (No Respond)

VSR identified a vulnerability in HFS+, a filesystem implemented in the OS X XNU kernel. HFS+ is the default filesystem in use on many installations of the Mac OS X operating system. By exploiting this vulnerability, an unprivileged user with local access to a machine using HFS+ may be able to read raw filesystem data, bypassing file permissions and resulting in information disclosure.


iDEFENSE Security Advisory 2011-03-21.1

Posted by deepcore under Apple, exploit, OSX security tools, Security (No Respond)

iDefense Security Advisory 03.21.11 – Remote exploitation of a memory corruption vulnerability in Apple Inc.’s OfficeImport framework could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing an Excel file with a certain maliciously constructed record.


Zero Day Initiative Advisory 11-109

Posted by deepcore under Apple, exploit, iphone, OSX security tools (No Respond)

Zero Day Initiative Advisory 11-109 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on the iPhone. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the support for parsing Office files.


Zero Day Initiative Advisory 11-108

Posted by deepcore under Apple, exploit, OSX security tools (No Respond)

Zero Day Initiative Advisory 11-108 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mac OS X’s CFF Decoder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.


Apple Safari WebKit Block Dimensions Handling Integer Overflow

Posted by deepcore under Apple, exploit, OSX security tools (No Respond)

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.


Apple Safari WebKit Iframe Event Handling Remote Use-After-Free

Posted by deepcore under Apple, exploit, OSX security tools (No Respond)

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.


Apple Safari WebKit Iframe Event Handling Remote Use-After-Free

Posted by deepcore under Apple, exploit, OSX security tools (No Respond)

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari.


Secunia Security Advisory 43696

Posted by deepcore under Apple, exploit, OSX security tools, Security (No Respond)

Secunia Security Advisory – Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and spoofing attacks, and compromise a user’s system.


Secunia Security Advisory 43698

Posted by deepcore under Apple, exploit, OSX security tools, Security (No Respond)

Secunia Security Advisory – Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and spoofing attacks, cause a DoS (Denial of Service), and compromise a vulnerable device.
