Lucene search
Alexander GavrunZDI-12-067HistoryApr 18, 2012 - 12:00 a.m.
WebKit.org Webkit Array.Splice Remote Code Execution Vulnerability
2012-04-1800:00:00
Alexander Gavrun
www.zerodayinitiative.com
15
0.079 Low
EPSS
Percentile
94.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the JavaScriptCore component as used by WebKit. This module is responsible for the in browser implementation of JavaScript. When handling the array.splice method the browser improperly calculates the length, and thus allocation size for the newly modified array. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
Related
prion
prion
Memory corruption
2012-03-08 22:55:00
nvd
nvd
CVE-2012-0592
2012-03-08 22:55:02
cve
cve
CVE-2012-0592
2012-03-08 22:55:02
cvelist
cvelist
CVE-2012-0592
2012-03-08 22:00:00
nessus
nessus
Apple iOS < 5.1 Multiple Vulnerabilities
2012-06-19 00:00:00
Apple iTunes < 10.6 Multiple Vulnerabilities (credentialed check)
2012-03-12 00:00:00
Apple iTunes < 10.6 Multiple Vulnerabilities (uncredentialed check)
2012-03-12 00:00:00
securityvulns
securityvulns
APPLE-SA-2012-03-07-1 iTunes 10.6
2012-03-09 00:00:00
Apple WebKit (iTunes, iPhone, Safari, Google Chrome) multiple security vulnerabilities
2012-08-27 00:00:00
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
2012-03-09 00:00:00
openvas
openvas
Apple iTunes Multiple Vulnerabilities (Mar 2012) - Windows
2012-03-20 00:00:00
Apple iTunes Multiple Vulnerabilities - Mar12 (Windows)
2012-03-20 00:00:00
Apple Safari Webkit Multiple Vulnerabilities - March12 (Mac OS X)
2012-03-13 00:00:00