Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari

Apple on Friday released security updates for iOS, iPadOS, macOS, and Safari web browser to address a pair of zero-day flaws that are being exploited in the wild. The two vulnerabilities are as follows - CVE-2023-28205 - A use after free issue in WebKit that could lead to arbitrary code execution...

SUSE CVE-2010-1412

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to hover events...

SUSE CVE-2010-1823

Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by ...

SUSE CVE-2011-1344

Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 CDMA; and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag,...

The vulnerability of the web page rendering module in WebKit operating systems for tvOS, iOS, iPadOS, and watchOS allows attackers to execute arbitrary code.

The vulnerability of the Web page rendering module in WebKit operating systems for tvOS, iOS, iPadOS, and watchOS is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code using malicious web content...

WebKit: use-after-free in WebCore::FormSubmission::create(CVE-2017-13791)

There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. ASan log: ================================================================= ==934==ERROR: AddressSanitizer: heap-use-after-free on address 0x60c0000b9810 at pc 0x000114b6f4...

webkit: use-after-free flaw in handling of selections

Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving selections...

WebKit: Use-after-free vulnerability related frame object

WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

Apple Safari JavaScript 'Reload()' DoS Vulnerability - July09

This host is installed with Apple Safari Web Browser and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbapplesafarijsreloaddosvulnjul09.nasl 4865 2016-12-28 16:16:43Z teissa $ Apple Safari JavaScript 'Reload' DoS Vulnerability - July09 Authors: Sharath S Copyright:...

PT-2008-1163 · Apple +2 · Iphone +4

Name of the Vulnerable Software and Affected Versions: Apple iPod touch versions 1.1 through 2.0.2 Apple iPhone versions 1.0 through 2.0.2 Qt affected versions not specified Description: The issue is related to a use-after-free vulnerability in WebKit and an error in resource management in the Qt...