In concert with the release of their highly anticipated Mountain Lion OS X, Apple also updated their Web browser, Safari, including a number of security fixes.
Among the security update in Safari 6 are three general patches. The first resolves a cross-site scripting vulnerability that existed in the handling of feed:// URLs, which could be exploited if users visited a maliciously crafted site. The next is an access-control issue in the handling of feed:// URL that could be exploited to steal files from a user-system and send them to a remote server. The last Safari fix resolves a password problem that was allowing the auto-complete feature to fill in password fields even when sites specified that auto-complete should be disabled.
The security update also fixes a Safari download bug that could lead to cross-site scripting attacks if a user opens a maliciously crafted file. The issue existed in Safari’s attachment value for HTTP content-disposition header, which are used by a number of websites to serve files uploaded by third-parties, such as attachments in web-based email applications. Files served with this header would be treated as if they had been served inline, meaning they would have full access to resources on the origin server.
The update also includes 13 WebKit bulletins that resolve a slew of vulnerabilities including problems with drag and drop events, the handling of CSS property values and iframes, and lookalike characters used to mask legitimate website URLs among other problems. If unpatched, these could lead to unexpected application termination, cross-site information disclosure, leakage of files to remote servers, iframe replacement, memory content disclosure, and other exploits.
You can check on the complete contents of Apple’s update here.
