Early this morning, Apple announced APPLE-SA-2007-06-14 which addresses multiple vulnerabilities in Safari Beta for Windows and updates the web browser to version 3.0.1. A list of vulnerabilities is included in Table 1 below. The update is available via the “Apple Software Update” application or can be downloaded via Apple’s Safari download web site. As of this writing, Apple has not posted any information regarding this update on the Apple Product Security web site.
| CVE-2007-3185 | Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution |
| CVE-2007-3186 | Visiting a malicious website may lead to arbitrary code execution |
| CVE-2007-2391 | Visiting a malicious website may allow cross-site scripting |
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!