Lucene search
Kai Kang(a.k.a 4B5F5F4B) of Tencent's Xuanwu LAB(http://www.tencent.com)ZDI-17-241HistoryMar 30, 2017 - 12:00 a.m.
Apple Safari RenderBox Use-After-Free Remote Code Execution Vulnerability
2017-03-3000:00:00
Kai Kang(a.k.a 4B5F5F4B) of Tencent's Xuanwu LAB(http://www.tencent.com)
www.zerodayinitiative.com
29
0.006 Low
EPSS
Percentile
78.6%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RenderBox objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to achieve remote code execution under the context of the process.
References
Related
cve
cve
CVE-2017-2463
2017-04-02 01:59:03
nvd
nvd
CVE-2017-2463
2017-04-02 01:59:03
ubuntucve
ubuntucve
CVE-2017-2463
2017-04-02 00:00:00
cvelist
cvelist
CVE-2017-2463
2017-04-02 01:36:00
prion
prion
Memory corruption
2017-04-02 01:59:00
nessus
nessus
iTunes < 12.6 Multiple Vulnerabilities
2017-05-17 00:00:00
Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check)
2017-05-08 00:00:00
Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)
2017-05-08 00:00:00
openvas
openvas
Apple iCloud Multiple Vulnerabilities (HT207607) - Windows
2017-05-16 00:00:00
Apple iTunes Multiple Vulnerabilities (HT207599) - Windows
2017-03-30 00:00:00
Apple Safari Multiple Vulnerabilities (HT207600)
2017-03-31 00:00:00
apple
apple
About the security content of iCloud for Windows 6.2
2017-03-28 00:00:00
About the security content of iCloud for Windows 6.2 - Apple Support
2017-04-24 06:47:37
About the security content of iTunes 12.6 for Windows
2017-03-21 00:00:00