An issue existed in the parsing of geolocation requests. A port redirection issue was addressed through additional port validation. This issue was addressed through improved URL handling. An issue existed in the handling of attachment URLs. This issue was addressed through improved state management. A cookie storage issue existed in the Top Sites page. This was addressed through additional checks during file expansion. An insufficient input validation issue existed in the handling of certain files. This issue was addressed by no longer including that text. An issue existed where the text of a dialog included page-supplied text. Multiple memory corruption issues were addressed through improved memory handling.
Image Smoothing Quality for Canvas Rendering iOS gesture events are now supported on Safari for OS X.
Description: Multiple memory corruption issues were addressed through improved memory handling. Description: An insufficient taint tracking issue in the parsing of svg images was addressed through improved taint tracking. Impact: Visiting a malicious website may disclose data from another website The issue was addressed through improved data deletion. Description: 'Clear History and Website Data' did not clear the history. Impact: A user may be unable to fully delete browsing history Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5
Safari for mac 9.1 code#
Impact: Visiting a maliciously crafted website may lead to arbitrary code executionĭescription: Multiple memory corruption issues were addressed through improved memory handling. This issue was addressed through improved URL validation on redirection. Description: A cross-site scripting issue existed in Safari URL redirection. Impact: A malicious website may exfiltrate data cross-origin This issue was addressed by disabling scripts and plugins on resources loaded over HTTP/0.9. Description: A cross-protocol cross-site scripting (XPXSS) issue existed in Safari when submitting forms to non-HTTP services compatible with HTTP/0.9. Impact: Visiting a maliciously crafted website may lead to script execution in the context of a non-HTTP service This was addressed through improved validation of security origins. Description: An origin inheritance issue existed in parsing of about: URLs. Impact: Visiting a malicious website may lead to user interface spoofing
Description: A memory corruption issue was addressed through improved memory handling. Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
0 kommentar(er)
