Bugzilla – Bug 923223
VUL-0: Various WebKit security issues.
Last modified: 2021-09-01 11:55:43 UTC
Apple has announced a new Safari / Webkit release which fixes a lot of CVEs.
APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 are now available and
address the following:
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-2015-1068 : Apple
CVE-2015-1069 : Apple
CVE-2015-1070 : Apple
CVE-2015-1071 : Apple
CVE-2015-1073 : Apple
CVE-2015-1074 : Apple
CVE-2015-1075 : Google Chrome Security team
CVE-2015-1077 : Apple
CVE-2015-1078 : Apple
CVE-2015-1079 : Apple
CVE-2015-1080 : Apple
CVE-2015-1081 : Apple
CVE-2015-1082 : Apple
CVE-2015-1083 : Apple
Impact: Inconsistent user interface may prevent users from
discerning a phishing attack
Description: A user interface inconsistency existed in Safari that
allowed an attacker to misrepresent the URL. This issue was addressed
through improved user interface consistency checks.
CVE-2015-1084 : Apple
bugbot adjusting priority
likely fixed where needed and possible, addressed in other bugs