Apple Patches 22 Safari WebKit Vulnerabilities

Author: Michael Mimoso
minute read

Apple released an update to its Safari web browser that patches 22 vulnerabilities in the Webkit browser engine, including a number of remote code execution and denial of service vulnerabilities.

Apple released an update to Safari yesterday patching 22 vulnerabilities in the WebKit browser engine that allow code execution or a browser crash.

Safari 7.0.4 is available for OS X Mavericks 10.9 and Safari 6.1.4 for OS X Mountain Lion 10.8. The vulnerabilities could be exploited if the user was tricked into visiting a malicious website and fell victim to a drive-by download.

“Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling,” Apple said in its advisory.

Apple also described a second security issue in the way WebKit handles Unicode characters in URLs; Apple said a malicious site could send messages that would circumvent the receiver’s origin check, causing the browser to crash.

“A maliciously crafted URL could have led to sending an incorrect postMessage origin. This issue was addressed through improved encoding/decoding,” Apple said.

Many of the WebKit code execution vulnerabilities were discovered by the Google Chrome Security Team; Google used WebKit in the Chrome browser until version 27. Since then, Chrome relies on Blink.

While most of bugs are fresh, two patches are from vulnerabilities reported in 2013. CVE-2013-2875 addresses a remote denial-of-service bug in Blink, while CVE-2013-2927 is a use-after-free vulnerability in the Blink HTMLFormElement function used in Chrome before version 30. It too allows attackers to remotely cause a denial of service condition on the browser.

Below is a list of the CVEs addressed in this update, and reporting credit

  • CVE-2013-2875 : miaubiz
  • CVE-2013-2927 : cloudfuzzer
  • CVE-2014-1323 : banty
  • CVE-2014-1324 : Google Chrome Security Team
  • CVE-2014-1326 : Apple
  • CVE-2014-1327 : Google Chrome Security Team, Apple
  • CVE-2014-1329 : Google Chrome Security Team
  • CVE-2014-1330 : Google Chrome Security Team
  • CVE-2014-1331 : cloudfuzzer
  • CVE-2014-1333 : Google Chrome Security Team
  • CVE-2014-1334 : Apple
  • CVE-2014-1335 : Google Chrome Security Team
  • CVE-2014-1336 : Apple
  • CVE-2014-1337 : Apple
  • CVE-2014-1338 : Google Chrome Security Team
  • CVE-2014-1339 : Atte Kettunen of OUSPG
  • CVE-2014-1341 : Google Chrome Security Team
  • CVE-2014-1342 : Apple
  • CVE-2014-1343 : Google Chrome Security Team
  • CVE-2014-1344 : Ian Beer of Google Project Zero
  • CVE-2014-1731 : an anonymous member of the Blink development community
  • CVE-2014-1346 : Erling Ellingsen of Facebook

In April, Apple patched 25 Safari bugs, all of them in the WebKit framework as well, including a handful of remote code execution flaws.

Suggested articles

Cybersecurity for your growing business
Cybersecurity for your growing business

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.