Lucene search
Wushi of team509ZDI-11-240HistoryJul 27, 2011 - 12:00 a.m.
Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability
2011-07-2700:00:00
wushi of team509
www.zerodayinitiative.com
31
0.226 Low
EPSS
Percentile
96.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safariโs Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the libraryโs support of SVG markers. When updating a marker, the application will duplicate the reference of an object without updating itโs reference count. When freeing this object, a use-after-free vulnerability can be made to occur. This can be leveraged by a remote attacker to execute code under the context of the user running the application.
References
Related
cve
cve
CVE-2011-1453
2011-07-21 23:55:02
prion
prion
Memory corruption
2011-07-21 23:55:00
cvelist
cvelist
CVE-2011-1453
2011-07-21 23:00:00
nvd
nvd
CVE-2011-1453
2011-07-21 23:55:02
ubuntucve
ubuntucve
CVE-2011-1453
2011-07-21 00:00:00
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6
2011-07-22 00:00:00
WebKit / Apple Safari / Google Chrome multiple security vulnerabilities
2011-08-01 00:00:00
zdt
zdt
Safari SVGPathSegList Use-After-Free Exploit
2014-09-17 00:00:00
seebug
seebug
Apple Safari 5.1ๅ5.0.6ไนๅ็ๆฌๅคไธชๅฎๅ
จๆผๆด
2011-07-22 00:00:00
Apple iTunesๅคไธชๅฎๅ
จๆผๆด
2011-10-13 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities (Jul 2011)
2011-07-27 00:00:00
Apple Safari Multiple Vulnerabilities (Jul 2011) - Mac OS X
2011-08-12 00:00:00
Apple Safari Multiple Vulnerabilities - July 2011
2011-07-27 00:00:00
nessus
nessus
Apple iOS < 5.0 Multiple Vulnerabilities (BEAST)
2012-06-19 00:00:00
Safari < 5.1 Multiple Vulnerabilities
2011-07-21 00:00:00
Mac OS X : Apple Safari < 5.1 / 5.0.6
2011-07-21 00:00:00