er, actually, the text from the US CERT site about the Apple update says, in part:
The impacts of these vulnerabilities include arbitrary code execution, denial of service, information disclosure, cross-site scripting, privilege escalation, and authentication bypass.