Apple Mac OS X WebKit deallocated object access vulnerability

2006-11-29T00:00:00
ID VU:848960
Type cert
Reporter CERT
Modified 2007-01-15T00:00:00

Description

Overview

Apple Safari WebKit fails to properly deallocate objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.

Description

According to Apple:

_WebKit is the open source core of Apple's Safari web browser. It is available as a framework in Mac OS X for use in your applications. _

More information about WebKit is available at the WebKit Project web site.

The Apple Safari WebKit component fails to properly dispose of deallocated objects. If a remote attacker persuades a user to access a specially crafted web page with Safari, that attacker may be able to cause that user to access a deallocated object leading to memory corruption.

Note that this vulnerability may affect any software that uses WebKit.


Impact

A remote, unauthenticated attacker may be able to execute arbitrary code.


Solution

Apply Apple Updates
Apple advises all users to apply Apple Security Update 2006-007, as it fixes this and other critical security flaws.


Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
Apple Computer, Inc.| | -| 29 Nov 2006
OmniGroup, Inc.| | 30 Nov 2006| 15 Jan 2007
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

  • <http://docs.info.apple.com/article.html?artnum=304829>
  • <http://secunia.com/advisories/23155/>
  • <http://security-protocols.com/sp-x38-advisory.php>

Credit

This vulnerability was reported in Apple Security Update 2006-007. Apple credits Tom Ferris of Security-Protocols with providing information about this vulnerability.

This document was written by Jeff Gennari based on information from Apple and Security-Protocols.

Other Information

  • CVE IDs: CVE-2006-4412
  • Date Public: 28 Nov 2006
  • Date First Published: 29 Nov 2006
  • Date Last Updated: 15 Jan 2007
  • Severity Metric: 15.80
  • Document Revision: 14