漏洞类别:Local
漏洞等级: 
漏洞信息
Safari is a Web-browser developed by Apple which is based on the WebKit engine.
Visiting a malicious website may lead to address bar spoofing [CVE-2017-13790, CVE-2017-13789].
Processing maliciously crafted web content may lead to arbitrary code execution[CVE-2017-13785,13785,CVE-2017-13783,CVE-2017-13788,CVE-2017-13795,CVE-2017-13802,CVE-2017-13792,CVE-2017-13791,CVE-2017-13798,CVE-2017-13796,CVE-2017-13793,CVE-2017-13794,CVE-2017-13803].
Affected Versions
Apple Safari prior to 11.1
QID Detection Logic (Authenticated)
This checks for vulnerable versions of Apple Safari.
漏洞危害
A remote user can spoof the address bar.
解决方案
The browser should be updated to version 11.1 released by Apple.
For more information regarding the update click here.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论