Lucene search
AnonymousZDI-16-341HistoryMay 19, 2016 - 12:00 a.m.
Apple Safari DataCue Use-After-Free Remote Code Execution Vulnerability
2016-05-1900:00:00
Anonymous
www.zerodayinitiative.com
11
0.007 Low
EPSS
Percentile
80.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of DataCue objects. By manipulating a document’s elements an attacker can cause a DataCue object in memory to be reused after it has been freed. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process.
References
Related
cvelist
cvelist
nvd
nvd
prion
prion
Memory corruption
2016-05-20 11:00:00
Memory corruption
2016-05-20 11:00:00
Memory corruption
2016-05-20 11:00:00
ubuntucve
ubuntucve
debiancve
debiancve
CVE-2016-1856
2016-05-20 11:00:00
CVE-2016-1857
2016-05-20 11:00:00
cve
cve
archlinux
archlinux
webkit2gtk: arbitrary code execution
2016-06-04 00:00:00
apple
apple
About the security content of Safari 9.1.1
2016-05-16 00:00:00
About the security content of Safari 9.1.1 - Apple Support
2017-01-23 03:47:57
About the security content of tvOS 9.2.1 - Apple Support
2017-01-23 03:54:40
nessus
nessus
Mac OS X : Apple Safari < 9.1.1 Multiple Vulnerabilities
2016-05-18 00:00:00
Ubuntu 16.04 LTS : WebKitGTK+ vulnerabilities (USN-3079-1)
2016-09-15 00:00:00
Apple TV < 9.2.1 Multiple Vulnerabilities
2016-05-24 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities (Nov 2016) - Mac OS X
2016-11-22 00:00:00
Mageia: Security Advisory (MGASA-2016-0294)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-3079-1)
2016-09-15 00:00:00
mageia
mageia
Updated webkit2 packages fix security vulnerability
2016-08-31 20:34:12
ubuntu
ubuntu
WebKitGTK+ vulnerabilities
2016-09-14 00:00:00