CVE-2011-1774 Information

Description

WebKit in Apple Safari before 5.0.6 has improper libxslt security settings which allows remote attackers to create arbitrary files and consequently execute arbitrary code via a crafted web site. NOTE: this may overlap CVE-2011-1425.

Reference

http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://securityreason.com/securityalert/8481 http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999