PROBLEM:
Apple Safari Bugs Let Remote Users Execute Arbitrary Code
PLATFORM:
Version(s): prior to 6.0.3
ABSTRACT:
Two vulnerabilities were reported in Apple Safari.
REFERENCE LINKS:
Apple security update, Article: HT1222
SecurityTracker Alert ID: 1028292
CVE-2013-0960
CVE-2013-0961
IMPACT ASSESSMENT:
Medium
DISCUSSION:
A remote user can create specially crafted HTML that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.
IMPACT:
A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.