8 matches found
WebKit ComposedTreeIterator::traverseNextInShadowTree Use-After-Free
WebKit: ComposedTreeIterator::traverseNextInShadowTree use-after-free CVE-2017-2466 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on a nightly version of WebKit. The PoC has also been observed to crash Safari 10.0.2 on Mac. PoC:...
WebKit: ComposedTreeIterator::traverseNextInShadowTree use-after-free(CVE-2017-2466)
There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on a nightly version of WebKit. The PoC has also been observed to crash Safari 10.0.2 on Mac. PoC: function go d.open = false; d.innerHTML = "foo"; d.open = true; foo ASan log: ==570==ERROR:...
CVE-2017-2466
creationtimestamp| type| source ---|---|--- 2017-04-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41812...
CVE-2017-2466
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and...
CVE-2017-2466
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and...
CVE-2017-2466
CVE-2017-2466 affects WebKit in Apple products (iOS before 10.3, Safari before 10.1, tvOS before 10.2). The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site, due to memory corruption in WebKit. Apple patches are documented in HT207600 (Sa...
CVE-2017-2466
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and...
CVE-2017-2466
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and...