Apple Mac OS X WebKit deallocated object access vulnerability

ID VU:848960
Type cert
Reporter CERT
Modified 2007-01-15T00:00:00



Apple Safari WebKit fails to properly deallocate objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.


According to Apple:

WebKit is the open source core of Apple's Safari web browser. It is available as a framework in Mac OS X for use in your applications.
More information about WebKit is available at the WebKit Project web site.

The Apple Safari WebKit component fails to properly dispose of deallocated objects. If a remote attacker persuades a user to access a specially crafted web page with Safari, that attacker may be able to cause that user to access a deallocated object leading to memory corruption.

Note that this vulnerability may affect any software that uses WebKit.


A remote, unauthenticated attacker may be able to execute arbitrary code.


Apply Apple Updates
Apple advises all users to apply Apple Security Update 2006-007, as it fixes this and other critical security flaws.

Systems Affected

Vendor| Status| Date Notified| Date Updated
Apple Computer, Inc.| | -| 29 Nov 2006
OmniGroup, Inc.| | 30 Nov 2006| 15 Jan 2007
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A


  • <>
  • <>
  • <>


This vulnerability was reported in Apple Security Update 2006-007 . Apple credits Tom Ferris of Security-Protocols with providing information about this vulnerability.

This document was written by Jeff Gennari based on information from Apple and Security-Protocols.

Other Information

  • CVE IDs: CVE-2006-4412
  • Date Public: 28 Nov 2006
  • Date First Published: 29 Nov 2006
  • Date Last Updated: 15 Jan 2007
  • Severity Metric: 15.80
  • Document Revision: 14