Zero Day Initiative Advisory 11-228 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on Windows and multiple applications on OSX.
>> TAG: #Vulnerability
Zero Day Initiative Advisory 11-190 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime running on OSX or Linux. This vulnerability does not affect java running on Windows.
Zero Day Initiative Advisory 11-139 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library’s implementation of a frame element.
Zero Day Initiative Advisory 11-138 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application’s implementation of a Frame element.
VSR identified a vulnerability in HFS+, a filesystem implemented in the OS X XNU kernel. HFS+ is the default filesystem in use on many installations of the Mac OS X operating system. By exploiting this vulnerability, an unprivileged user with local access to a machine using HFS+ may be able to read raw filesystem data, bypassing file permissions and resulting in information disclosure.
Zero Day Initiative Advisory 11-109 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on the iPhone. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the support for parsing Office files.
Zero Day Initiative Advisory 11-108 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mac OS X’s CFF Decoder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari.
Zero Day Initiative Advisory 11-074 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader on Mac OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the U3D component distributed with the Reader.