WebKit Multiple Unspecified Memory Corruption Vulnerabilities

Bugtraq ID:	52363
Class:	Unknown
CVE:	CVE-2011-2866 CVE-2012-0634 CVE-2012-0636 CVE-2012-0637 CVE-2012-0638 CVE-2012-0639 CVE-2012-0648
Remote:	Yes
Local:	No
Published:	Mar 08 2012 12:00AM
Updated:	Mar 12 2012 07:50PM
Credit:	Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer, wushi of team509 working with TippingPoint's Zero Day Initiative, Jeremy Apthorp of Google, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer, Apple.
Vulnerable:	WebKit Open Source Project WebKit 1.2.5 WebKit Open Source Project WebKit 1.2.3 WebKit Open Source Project WebKit 1.2.2 WebKit Open Source Project WebKit r82222 WebKit Open Source Project WebKit r77705 WebKit Open Source Project WebKit r52833 WebKit Open Source Project WebKit r52401 WebKit Open Source Project WebKit r51295 WebKit Open Source Project WebKit r38566 WebKit Open Source Project WebKit 1.2.X WebKit Open Source Project WebKit 1.2.2-1 WebKit Open Source Project WebKit 0 Apple Safari 5.0.6 Apple Safari 4.1.2 for Windows Apple Safari 4.0.5 for Windows Apple Safari 4.0.5 Apple Safari 4.0.4 for Windows Apple Safari 4.0.4 Apple Safari 4.0.3 for Windows Apple Safari 4.0.3 Apple Safari 4.0.2 for Windows Apple Safari 4.0.2 Apple Safari 4.0.1 Apple Safari 3.2.3 for Windows Apple Safari 3.2.3 Apple Safari 5.1.1 for Windows Apple Safari 5.1.1 Apple Safari 5.1 for Windows Apple Safari 5.1 Apple Safari 5.0.6 for windows Apple Safari 5.0.5 for Windows Apple Safari 5.0.5 Apple Safari 5.0.4 for Windows Apple Safari 5.0.4 Apple Safari 5.0.3 for Windows Apple Safari 5.0.3 Apple Safari 5.0.2 for Windows Apple Safari 5.0.2 Apple Safari 5.0.1 for Windows Apple Safari 5.0.1 Apple Safari 5.0 for Windows Apple Safari 5.0 Apple Safari 4.1.3 for Windows Apple Safari 4.1.3 Apple Safari 4.1.2 Apple Safari 4.1.1 Apple Safari 4.1 Apple Safari 4.0 Beta Apple Safari 4.0 Apple Safari 4 for Windows Apple Safari 4 Beta Apple Safari 4 Apple iTunes 10.5.1 Apple iTunes 10.5 Apple iTunes 10.2.2 Apple iTunes 10.2 Apple iTunes 10.1 Apple iTunes 10
Not Vulnerable:	Apple Safari 5.1.4 for Windows Apple Safari 5.1.4 Apple iTunes 10.6

WebKit Multiple Unspecified Memory Corruption Vulnerabilities

WebKit is prone to multiple unspecified memory-corruption vulnerabilities.

An attacker can exploit these issues by enticing an unsuspecting user into visiting a malicious webpage with a vulnerable application.

Few technical details are currently available. We will update this BID when more information emerges.

Successful exploits will allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible.

WebKit Multiple Unspecified Memory Corruption Vulnerabilities

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

NOTE: To exploit these issues through iTunes, an attacker must first execute a successful man-in-the-middle attack.

WebKit Multiple Unspecified Memory Corruption Vulnerabilities

Solution:
Updates are available. Please see the references for more information.


Apple Safari 5.1.1

• Apple Safari5.1.4LionManual.dmg
  Safari for OS X Lion v10.7.3
  http://www.apple.com/safari/download/


• Apple Safari5.1.4SnowLeopardManual.dmg
  Safari for Mac OS X v10.6.8
  http://www.apple.com/safari/download/

Apple Safari 5.1.1 for Windows

• Apple APPLE-SA-2012-03-12-1-Safari_Setup.exe
  Safari for Windows 7, Vista or XP from the Microsoft Choice Screen
  http://www.apple.com/safari/download/


• Apple APPLE-SA-2012-03-12-1-SafariSetup.exe
  Safari for Windows 7, Vista or XP
  http://www.apple.com/safari/download/

Apple iTunes 10.5

• Apple APPLE-SA-2012-03-07-1-iTunes64Setup.exe
  For 64-bit Windows XP / Vista / Windows 7
  http://www.apple.com/itunes/download/


• Apple APPLE-SA-2012-03-07-1-iTunesSetup.exe
  For Windows XP / Vista / Windows 7
  http://www.apple.com/itunes/download/

Apple iTunes 10.2.2

• Apple APPLE-SA-2012-03-07-1-iTunes64Setup.exe
  For 64-bit Windows XP / Vista / Windows 7
  http://www.apple.com/itunes/download/


• Apple APPLE-SA-2012-03-07-1-iTunesSetup.exe
  For Windows XP / Vista / Windows 7
  http://www.apple.com/itunes/download/

Apple Safari 5.1

• Apple Safari5.1.4LionManual.dmg
  Safari for OS X Lion v10.7.3
  http://www.apple.com/safari/download/


• Apple Safari5.1.4SnowLeopardManual.dmg
  Safari for Mac OS X v10.6.8
  http://www.apple.com/safari/download/

Apple Safari 5.1 for Windows

• Apple APPLE-SA-2012-03-12-1-Safari_Setup.exe
  Safari for Windows 7, Vista or XP from the Microsoft Choice Screen
  http://www.apple.com/safari/download/


• Apple APPLE-SA-2012-03-12-1-SafariSetup.exe
  Safari for Windows 7, Vista or XP
  http://www.apple.com/safari/download/

Apple iTunes 10.5.1

• Apple APPLE-SA-2012-03-07-1-iTunes64Setup.exe
  For 64-bit Windows XP / Vista / Windows 7
  http://www.apple.com/itunes/download/


• Apple APPLE-SA-2012-03-07-1-iTunesSetup.exe
  For Windows XP / Vista / Windows 7
  http://www.apple.com/itunes/download/

WebKit Multiple Unspecified Memory Corruption Vulnerabilities

References:

• iTunes Homepage (Apple)
  
• Webkit Homepage (Webkit)