Apple security updates
Safari 6.1.3 and Safari 7.0.3 – April 1, 2014
- OS X Lion and OS X Lion Server v10.7.5
- OS X Mountain Lion v10.8.5
- OS X Mavericks v10.9.2
This document describes the security content of Safari 6.1.3 and Safari 7.0.3.
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see “How to use the Apple Product Security PGP Key.”Safari 6.1.3 and Safari 7.0.3
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling
More in the KB HT6181 article about the specific CVE-IDs addressed.
According to ITWire article:
Specific changes called out by Apple are a fix for an issue that could cause the search and address field to load a webpage or send a search term before the return key is pressed, support for generic top-level domains (so that Safari loads the requested page instead of treating it as a search term), and strengthened Safari sandboxing.
Very important update.