Signature Detail
Short Name |
HTTP:STC:SAFARI:WEBKIT-SVG-MARK |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Apple Safari WebKit SVG Markers Use-After-Free Memory Corruption |
Release Date |
2011/08/15 |
Update Number |
1973 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Apple Safari WebKit SVG Markers Use-After-Free Memory Corruption
This signature detects attempts to exploit a known vulnerability against Apple Safari Webkit. A successful attack can lead to arbitrary code execution.
Extended Description
WebKit is prone to a remote code-execution vulnerability due to memory corruption. Attackers can exploit this issue by enticing an unsuspecting user to visit a malicious Web page. Successful attacks will result in arbitrary code execution; failed attacks may cause denial-of-service conditions. NOTE: This issue was previously discussed in BID 48808 (Apple Safari Prior to 5.1 and 5.0.6 Multiple Security Vulnerabilities) but has been given its own record to better document it.
Affected Products
- Apple iOS 4
- Apple iOS 4.0.1
- Apple iOS 4.0.2
- Apple iOS 4.1
- Apple iOS 4.2
- Apple iOS 4.2.1
- Apple iOS 4.2.10
- Apple iOS 4.2.5
- Apple iOS 4.2.6
- Apple iOS 4.2.7
- Apple iOS 4.2.8
- Apple iOS 4.2.9
- Apple iOS 4.2 beta
- Apple iOS 4.3
- Apple iOS 4.3.1
- Apple iOS 4.3.2
- Apple iOS 4.3.3
- Apple iOS 4.3.4
- Apple iOS 4.3.5
- Apple iPad
- Apple iPhone
- Apple iPod Touch
- Apple iTunes 10
- Apple iTunes 10.1
- Apple iTunes 10.2
- Apple iTunes 10.2.2
- Apple iTunes 8.0
- Apple iTunes 8.0.0
- Apple iTunes 8.0.0 - Windows
- Apple iTunes 8.0.1
- Apple iTunes 8.0.2.20
- Apple iTunes 8.1
- Apple iTunes 8.2
- Apple iTunes 9.0.0
- Apple iTunes 9.0.1
- Apple iTunes 9.0.1.8
- Apple iTunes 9.0.2
- Apple iTunes 9.1
- Apple iTunes 9.2
- Apple iTunes 9.2.1
- Apple iTunes
- Apple Safari 4
- Apple Safari 4.0.1
- Apple Safari 4.0.2
- Apple Safari 4.0.2 For Windows
- Apple Safari 4.0.3
- Apple Safari 4.0.3 For Windows
- Apple Safari 4.0.4
- Apple Safari 4.0.4 For Windows
- Apple Safari 4.0.5
- Apple Safari 4.0.5 For Windows
- Apple Safari 4.1
- Apple Safari 4 Beta
- Apple Safari 4 For Windows
- Apple Safari 5.0
- Apple Safari 5.0.1
- Apple Safari 5.0.1 for Windows
- Apple Safari 5.0.2
- Apple Safari 5.0.2 for Windows
- Apple Safari 5.0.3
- Apple Safari 5.0.3 for Windows
- Apple Safari 5.0.4
- Apple Safari 5.0.4 for Windows
- Apple Safari 5.0.5
- Apple Safari 5.0.5 for Windows
- Apple Safari 5.0 For Windows
- WebKit Open Source Project WebKit 1.2.2
- WebKit Open Source Project WebKit 1.2.2-1
- WebKit Open Source Project WebKit 1.2.3
- WebKit Open Source Project WebKit 1.2.5
- WebKit Open Source Project WebKit 1.2.X
- WebKit Open Source Project WebKit R38566
- WebKit Open Source Project WebKit R51295
- WebKit Open Source Project WebKit R52401
- WebKit Open Source Project WebKit R52833
- WebKit Open Source Project WebKit r77705
- WebKit Open Source Project WebKit r82222
- WebKit Open Source Project WebKit
References
- BugTraq: 48855
- CVE: CVE-2011-1453