Signature Detail
Short Name |
HTTP:STC:WEBKIT-FLOAT-TYPE-RCE |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Webkit Floating Point Data Type Code Execution |
Release Date |
2010/10/27 |
Update Number |
1802 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Webkit Floating Point Data Type Code Execution
This signature detects attempts to exploit a known vulnerability against Webkit. A successful attack can lead to arbitrary code execution.
Extended Description
WebKit is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Versions prior to Safari 5.0.2 and Safari 4.1.2 are vulnerable.
Affected Products
- Apple iOS 3.2
- Apple iOS 3.2.1
- Apple iOS 3.2.2
- Apple iOS 4
- Apple iOS 4.0.1
- Apple iOS 4.0.2
- Apple iOS 4.1
- Apple iOS 4.2 beta
- Apple iPad 3.2
- Apple iPad 3.2.1
- Apple iPad 3.2.2
- Apple iPad
- Apple iPhone 2.0
- Apple iPhone 2.0.1
- Apple iPhone 2.0.2
- Apple iPhone 2.1
- Apple iPhone 2.2
- Apple iPhone 2.2.1
- Apple iPhone 3.0
- Apple iPhone 3.0.1
- Apple iPhone 3.1
- Apple iPhone 3.1.2
- Apple iPhone 3.1.3
- Apple iPhone 3.2
- Apple iPhone 3.2.1
- Apple iPhone 4.0
- Apple iPhone 4.0.1
- Apple iPhone 4.1
- Apple iPod Touch 2.1
- Apple iPod Touch 2.2
- Apple iPod Touch 2.2.1
- Apple iPod Touch 3.0
- Apple iPod Touch 3.1.1
- Apple iPod Touch 3.1.2
- Apple iPod Touch 3.1.3
- Apple Safari 4
- Apple Safari 4.0.1
- Apple Safari 4.0.2
- Apple Safari 4.0.2 For Windows
- Apple Safari 4.0.3
- Apple Safari 4.0.3 For Windows
- Apple Safari 4.0.4
- Apple Safari 4.0.4 For Windows
- Apple Safari 4.0.5
- Apple Safari 4.0.5 For Windows
- Apple Safari 4.1
- Apple Safari 4.1.1
- Apple Safari 4 Beta
- Apple Safari 4 For Windows
- Apple Safari 5.0
- Apple Safari 5.0.1
- Apple Safari 5.0.1 for Windows
- Apple Safari 5.0 For Windows
- Mandriva Linux Mandrake 2010.1
- Mandriva Linux Mandrake 2010.1 X86 64
- Open Handset Alliance Android 2.0.1
- Open Handset Alliance Android 2.1
- Red Hat Enterprise Linux Desktop 6
- Red Hat Enterprise Linux Desktop Optional 6
- Red Hat Enterprise Linux HPC Node Optional 6
- Red Hat Enterprise Linux Server 6
- Red Hat Enterprise Linux Server Optional 6
- Red Hat Enterprise Linux Workstation 6
- Red Hat Enterprise Linux Workstation Optional 6
- Red Hat Fedora 12
- Red Hat Fedora 13
- SuSE openSUSE 11.2
- SuSE openSUSE 11.3
- Ubuntu Ubuntu Linux 10.04 Amd64
- Ubuntu Ubuntu Linux 10.04 I386
- Ubuntu Ubuntu Linux 10.04 Powerpc
- Ubuntu Ubuntu Linux 10.04 Sparc
- Ubuntu Ubuntu Linux 10.10 amd64
- Ubuntu Ubuntu Linux 10.10 i386
- Ubuntu Ubuntu Linux 10.10 powerpc
- Ubuntu Ubuntu Linux 9.10 Amd64
- Ubuntu Ubuntu Linux 9.10 I386
- Ubuntu Ubuntu Linux 9.10 Lpia
- Ubuntu Ubuntu Linux 9.10 Powerpc
- Ubuntu Ubuntu Linux 9.10 Sparc
- WebKit Open Source Project WebKit 1.2.2
- WebKit Open Source Project WebKit 1.2.2-1
- WebKit Open Source Project WebKit 1.2.3
- WebKit Open Source Project WebKit
References
- BugTraq: 43047
- CVE: CVE-2010-1807