Lucene search
AnonymousZDI-16-632HistoryDec 13, 2016 - 12:00 a.m.
Apple Safari HTMLLabelElement Use-After-Free Remote Code Execution Vulnerability
2016-12-1300:00:00
Anonymous
www.zerodayinitiative.com
9
0.013 Low
EPSS
Percentile
85.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of HTMLLabelElement objects. By performing actions in JavaScript an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.
References
Related
ubuntucve
ubuntucve
CVE-2016-7611
2017-02-20 00:00:00
prion
prion
Memory corruption
2017-02-20 08:59:00
cvelist
cvelist
CVE-2016-7611
2017-02-20 08:35:00
debiancve
debiancve
CVE-2016-7611
2017-02-20 08:59:02
cve
cve
CVE-2016-7611
2017-02-20 08:59:02
nvd
nvd
CVE-2016-7611
2017-02-20 08:59:02
openvas
openvas
Apple iTunes Multiple Vulnerabilities (Feb 2017) - Windows
2017-02-28 00:00:00
Apple iCloud Multiple Vulnerabilities (Feb 2017) - Windows
2017-02-28 00:00:00
Apple Safari Multiple Vulnerabilities-02 (Feb 2017)
2017-02-22 00:00:00
apple
apple
About the security content of iCloud for Windows 6.1 - Apple Support
2017-01-23 05:29:57
About the security content of iCloud for Windows 6.1
2016-12-13 00:00:00
About the security content of iTunes 12.5.4 for Windows
2016-12-13 00:00:00
nessus
nessus
Apple iTunes < 12.5.4 Multiple Vulnerabilities (credentialed check)
2016-12-14 00:00:00
Apple iTunes < 12.5.4 Multiple Vulnerabilities (uncredentialed check)
2016-12-14 00:00:00
macOS : Apple Safari < 10.0.2 Multiple Vulnerabilities
2016-12-16 00:00:00
mageia
mageia
Updated webkit2 packages fix security vulnerabilities
2017-03-02 18:11:17
gentoo
gentoo
WebKitGTK+: Multiple vulnerabilities
2017-06-07 00:00:00