Apple Safari 5.0.65.1 - SVG DOM Processing (PoC)

2011-07-2500:00:00

Nikita Tarakanov

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

Apple Safari 5.0.65.1 - SVG DOM Processing (PoC)

/*
# Exploit Title: CVE-2011-0222 Safari SVG DOM processing PoC
# Date: 2011-07-25
# Author: Nikita Tarakanov (CISS Research Team), Alex Bazhanyuk (CISS Research Team)
# Software Link: http://www.apple.com/au/safari/download/
# Version: prior to 5.0.6, 5.1
# Tested on: Win XP SP3, Win 7 SP1
# CVE : CVE-2011-0222
# Status : Patched
*/

PoC: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/17567.zip (CVE-2011-0222.zip)