This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Webkit implements the string.replace() method. Due to insufficient boundary checks it is possible for specially crafted strings to cause an int wrap during the calculation of a buffer size. This could lead to a heap buffer overflow that could result in remote code execution under the context of the current user.