漏洞信息详情
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari WebKit引擎处理HTML图形元素释放后使用漏洞
- CNNVD编号:CNNVD-201003-193
- 危害等级: 中危
- CVE编号: CVE-2010-0054
- 漏洞类型: 资源管理错误
- 发布时间: 2010-03-15
- 威胁类型: 远程
- 更新时间: 2010-03-15
- 厂 商: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
- 漏洞来源: Matthew Jurczyk Bi...
漏洞简介
Safari是苹果家族机器操作系统中默认捆绑的WEB浏览器。
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari的WebKit引擎存在释放后使用漏洞。WebKit在处理HTML图形元素时的释放后使用错误,远程攻击者可以利用包含HTML图形元素的向量,导致执行任意代码或拒绝服务(应用崩溃)。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/safari/download/
参考网址
来源: BID
名称: 38671
链接:http://www.securityfocus.com/bid/38671
来源: support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com
链接:http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/kb/HT4070
来源: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
名称: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple-SA-2010-03-11-1
链接:http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/security-announce/2010/Mar/msg00000.HTML
来源:NSFOCUS 名称:14628 链接:http://www.nsfocus.net/vulndb/14628
受影响实体
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari:4.0
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari:4.0.0b
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari:4.0.1
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari:4.0.2
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari:4.0.3
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论