SECUNIA ADVISORY ID: SA43696

VERIFY ADVISORY: http://secunia.com/advisories/43696/

CRITICALITY: Highly Critical

RELEASE DATE: 2011-03-11

DESCRIPTION: Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and spoofing attacks, and compromise a user's system. The vulnerabilities are reported in versions prior to 5.0.4. For more information: SA43582

1) An error in the WebKit component when handling redirects during HTTP Basic Authentication can be exploited to disclose the credentials to another site. This may be related to: SA40110
2) An error in the WebKit component when handling the Attr.style accessor can be exploited to inject an arbitrary Cascading Style Sheet (CSS) into another document.
3) A type checking error in the WebKit component when handling cached resources can be exploited to poison the cache and prevent certain resources from being requested.
4) An error in the WebKit component when handling HTML5 drag and drop operations across different origins can be exploited to disclose certain content to another site.
5) An error in the tracking of window origins within the WebKit component can be exploited to disclose the content of files to a remote server.
6) Input passed to the "window.console._inspectorCommandLineAPI" property while browsing using the Web Inspector is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

SOLUTION: Update to version 5.0.4.

PROVIDED AND/OR DISCOVERED BY:
2, 3, 6) Reported by the vendor.

The vendor also credits:
1) McIntosh Cooey, Twelve Hundred Group
1) Harald Hanche-Olsen
1) Chuck Hohn, 1111 Internet LLC via CERT
1) Paul Hinze, Braintree
4) Michal Zalewski, Google Inc.
5) Aaron Sigel, vtty.com

ORIGINAL ADVISORY: http://support.apple.com/kb/HT4566ECUNIA ADVISORY ID: SA43696