Info

Disclosure

Jul 25, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jul 25, 2012

Description

WebKit contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an error occurs during the handling of SVG images. This will disclose contents of an arbitrary memory location to a context-dependent attacker.

Classification

Location: Context Dependent
Attack Type: Information Disclosure
Impact: Loss of Confidentiality
Solution: Third-Party Solution
Exploit: Exploit Unknown
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

OSVDB is not currently aware of a solution for this vulnerability. Upgrade to Apple Safari version 6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Apple Inc.

Safari

5.1.7

References

Security Tracker: 1027307
CVE ID: 2012-3650 (see also: NVD)
Secunia Advisory ID: 50058 50586
Related OSVDB ID: 84200 84201 84203 84204 84205 84206 84207 84208 84209 84211 84213 84214
Vendor Specific Advisory URL: http://support.apple.com/kb/HT5400
http://support.apple.com/kb/HT5503

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/84210