Apple Releases Safari 5.1.7

[H4CK3R]

Today Apple Inc. has just released Safari 5.1.7 for Windows and Mac users. Safari includes the following new features and enhancements:

Safari 5.1.7 contains improvements to performance, stability, compatibility, and security, including changes that:

• Improve the browser's responsiveness when the system is low on memory
• Fix an issue that could affect websites using forms to authenticate users

It also includes the following security features:

Safari 5.1.7

• WebKit
  Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later
  Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack
  Description: Multiple cross-site scripting issues existed in WebKit.
  CVE-ID
  CVE-2011-3046 : Sergey Glazunov working with Google's Pwnium contest
  CVE-2011-3056 : Sergey Glazunov

• WebKit
  Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later
  Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
  Description: A memory corruption issue existed in WebKit.
  CVE-ID
  CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome Security Team

• WebKit
  Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later
  Impact: A maliciously crafted website may be able to populate form inputs on another website with arbitrary values
  Description: A state tracking issue existed in WebKit's handling of forms.
  CVE-ID
  CVE-2012-0676 : Andreas Åkre Solberg of UNINETT AS, Aaron Roots of Deakin University ITSD, Tyler Goen

Note[FONT='Lucida Grande', 'Lucida Sans Unicode', Helvetica, Arial, Verdana, sans-serif]: In addition, this update disables Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory. This update presents the option to install an updated version of Flash Player from the Adobe website.[/FONT]

[FONT='Lucida Grande', 'Lucida Sans Unicode', Helvetica, Arial, Verdana, sans-serif]It is reccomended that all Mac OS X and Windows users update their Safari browser upon new updates from Apple.

Source(s): About the security content of Safari 5.1.7

[expl0itfinder]

Thanx, will check this out

[Cer0]

Beleive the mention of this update was put into the bundle news of the 10.7.4 update because after you installed that then the safari update was there.

But this gives more technical info on it.

[H4CK3R]

That was the point lol