Lucene search
Lokihardt@ASRTZDI-15-009HistoryJan 27, 2015 - 12:00 a.m.
(Mobile Pwn2Own) Apple Safari Set Use-After-Free Remote Code Execution Vulnerability
2015-01-2700:00:00
lokihardt@ASRT
www.zerodayinitiative.com
16
0.027 Low
EPSS
Percentile
90.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Set objects. The issue lies in the usage of an iterator after clearing the object. An attacker can leverage this vulnerability to execute code under the context of the renderer process.
References
Related
openvas
openvas
Apple Safari 'Webkit' Multiple Vulnerabilities -01 (Feb 2015) - Mac OS X
2015-02-09 00:00:00
cve
cve
prion
prion
Memory corruption
2015-01-30 11:59:00
Memory corruption
2015-01-30 11:59:00
Memory corruption
2015-01-30 11:59:00
ubuntucve
ubuntucve
cvelist
cvelist
nvd
nvd
securityvulns
securityvulns
Apple Safari / Webkit multiple security vulnerabilities
2015-02-02 00:00:00
APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3
2015-02-02 00:00:00
Apple TV multiple security vulnerabilities
2015-02-02 00:00:00
nessus
nessus
Mac OS X : Apple Safari < 6.2.3 / 7.1.3 / 8.0.3 Multiple Vulnerabilities
2015-01-28 00:00:00
Apple TV < 7.0.3 Multiple Vulnerabilities
2015-03-04 00:00:00
Apple iOS < 8.1.3 Multiple Vulnerabilities
2015-03-04 00:00:00
kaspersky
kaspersky
KLA10620 Multiple vulnerabilities in Apple iTunes
2015-06-30 00:00:00