| Reporter | Title | Published | Views | Family All 36 |
|---|---|---|---|---|
| Safari < 5.1 Multiple Vulnerabilities | 20 Jul 201100:00 | – | nessus | |
| iTunes < 10.5 Multiple Vulnerabilities | 12 Oct 201100:00 | – | nessus | |
| Apple iOS < 5.0 Multiple Vulnerabilities | 12 Oct 201100:00 | – | nessus | |
| Safari < 5.1 Multiple Vulnerabilities | 20 Jul 201100:00 | – | nessus | |
| Apple iOS < 5.0 Multiple Vulnerabilities (BEAST) | 19 Jun 201200:00 | – | nessus | |
| Apple iTunes < 10.5 Multiple Vulnerabilities (credentialed check) | 12 Oct 201100:00 | – | nessus | |
| Apple iTunes < 10.5 Multiple Vulnerabilities (uncredentialed check) | 12 Oct 201100:00 | – | nessus | |
| Mac OS X : Apple Safari < 5.1 / 5.0.6 | 21 Jul 201100:00 | – | nessus | |
| Safari < 5.1 Multiple Vulnerabilities | 21 Jul 201100:00 | – | nessus | |
| Linux Distros Unpatched Vulnerability : CVE-2011-0222 | 10 Sep 202500:00 | – | nessus |
Abysssec Public Advisory
apple killed one of our 0day no point to keep it private anymore :(
there is another version of exploit using POPup and thats more
reliable but as you know safari block pop up by default so we found a
cool way to bypass it and stand alone module .
this exploiting using ROP to bypass permanent DEP.
note : Change spray range if not work on your machine.
CVE-2011-0222 :
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers
to execute arbitrary code or cause a denial of service (memory
corruption and application crash)
via a crafted web site a different vulnerability than other WebKit
CVEs listed in APPLE-SA-2011-07-20-1.
Tested on windows XP SP3 and safari 5.0.5
feel free to contact us at : info [at] abysssec.com
and follow @abysssec for updates
http://www.abysssec.com/files/CVE-2011-0222_WinXP_Exploit.zip
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/17575.zip (CVE-2011-0222_WinXP_Exploit.zip)Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation