| Field | Value |
|---|---|
| Short Name | HTTP:STC:SAFARI:WEBKIT-1ST-LTR |
| Severity | High |
| Recommended | No |
| Recommended Action | Drop |
| Category | HTTP |
| Keywords | Apple Safari Webkit Button First-Letter Style Rendering Code Execution |
| Release Date | 2010/09/28 |
| Update Number | 1780 |
| Supported Platforms | idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |

HTTP: Apple Safari Webkit Button First-Letter Style Rendering Code Execution
This signature detects attempts to exploit a known code execution vulnerability in Apple's Safari WebKit. The vulnerability is due to a use-after-free error when processing the "first-letter" CSS style. A remote attacker can exploit it by enticing a user to open a maliciously crafted file on a target system. A successful attack can result in arbitrary code execution with the privileges of the targeted user.
Extended Description
WebKit is prone to a remote code-execution vulnerability due to a use-after-free error. An attacker can exploit this issue by enticing an unsuspecting victim into viewing a malicious webpage.
Successful exploits may allow the attacker to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
NOTE: This issue was previously covered in BID 40620 (Apple Safari Prior to 5.0 and 4.1 Multiple Security Vulnerabilities) but has been given its own record to better document it.
Affected Products
- Apple iOS 3.2
- Apple iOS 3.2.1
- Apple iOS 3.2.2
- Apple iOS 4.0.1
- Apple iOS 4.0.2
- Apple iOS 4.1
- Apple iOS 4.2 beta
- Apple iPad 3.2
- Apple iPad 3.2.1
- Apple iPad 3.2.2
- Apple iPad
- Apple iPhone 2.0
- Apple iPhone 2.0.1
- Apple iPhone 2.0.2
- Apple iPhone 2.1
- Apple iPhone 2.2
- Apple iPhone 2.2.1
- Apple iPhone 3.0
- Apple iPhone 3.0.1
- Apple iPhone 3.1
- Apple iPhone 3.1.2
- Apple iPhone 3.1.3
- Apple iPod Touch 2.0
- Apple iPod Touch 2.0.1
- Apple iPod Touch 2.0.2
- Apple iPod Touch 2.1
- Apple iPod Touch 2.2
- Apple iPod Touch 2.2.1
- Apple iPod Touch 3.0
- Apple iPod Touch 3.1.1
- Apple iPod Touch 3.1.2
- Apple iPod Touch 3.1.3
- Apple Safari 4
- Apple Safari 4.0.1
- Apple Safari 4.0.2
- Apple Safari 4.0.2 For Windows
- Apple Safari 4.0.3
- Apple Safari 4.0.3 For Windows
- Apple Safari 4.0.4
- Apple Safari 4.0.4 For Windows
- Apple Safari 4.0.5
- Apple Safari 4.0.5 For Windows
- Apple Safari 4 Beta
- Apple Safari 4 For Windows
- Mandriva Linux Mandrake 2010.1
- Mandriva Linux Mandrake 2010.1 X86 64
- Pardus Linux 2009
- SuSE openSUSE 11.3
- Ubuntu Ubuntu Linux 10.04 Amd64
- Ubuntu Ubuntu Linux 10.04 I386
- Ubuntu Ubuntu Linux 10.04 Powerpc
- Ubuntu Ubuntu Linux 10.04 Sparc
- Ubuntu Ubuntu Linux 10.10 amd64
- Ubuntu Ubuntu Linux 10.10 i386
- Ubuntu Ubuntu Linux 10.10 powerpc
- Ubuntu Ubuntu Linux 9.10 Amd64
- Ubuntu Ubuntu Linux 9.10 I386
- Ubuntu Ubuntu Linux 9.10 Lpia
- Ubuntu Ubuntu Linux 9.10 Powerpc
- Ubuntu Ubuntu Linux 9.10 Sparc
- WebKit Open Source Project WebKit 1.2.2
- WebKit Open Source Project WebKit 1.2.2-1
- WebKit Open Source Project WebKit 1.2.3
- WebKit Open Source Project WebKit R38566
- WebKit Open Source Project WebKit R51295
- WebKit Open Source Project WebKit R52401
- WebKit Open Source Project WebKit R52833
- WebKit Open Source Project WebKit