Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scriptingĭescription: A logic issue existed in the handling of DOMParser.
#Versions of safari that work with yosemite code#
Impact: Processing maliciously crafted web content may lead to arbitrary code executionĭescription: Multiple memory corruption issues were addressed with improved memory handling.ĬVE-2017-7018: lokihardt of Google Project ZeroĬVE-2017-7020: likemeng of Baidu Security LabĬVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)ĬVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)ĬVE-2017-7037: lokihardt of Google Project ZeroĬVE-2017-7039: Ivan Fratric of Google Project ZeroĬVE-2017-7040: Ivan Fratric of Google Project ZeroĬVE-2017-7041: Ivan Fratric of Google Project ZeroĬVE-2017-7042: Ivan Fratric of Google Project ZeroĬVE-2017-7043: Ivan Fratric of Google Project ZeroĬVE-2017-7046: Ivan Fratric of Google Project ZeroĬVE-2017-7048: Ivan Fratric of Google Project ZeroĬVE-2017-7052: cc working with Trend Micro's Zero Day InitiativeĬVE-2017-7055: The UK's National Cyber Security Centre (NCSC)ĬVE-2017-7056: lokihardt of Google Project ZeroĬVE-2017-7061: lokihardt of Google Project Zero Impact: Visiting a malicious website may lead to address bar spoofingĭescription: A state management issue was addressed with improved frame handling.ĬVE-2017-7011: xisigr of Tencent's Xuanwu Lab () This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered.ĬVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher Impact: A malicious website may exfiltrate data cross-originĭescription: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. The issue was addressed through throttling of print dialogs.ĬVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogsĭescription: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked.
Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6
0 kommentar(er)
