4 matches found
WebKit: WebCore::toJS use-after-free(CVE-2017-2476)
There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: function freememory var a; forvar i=0;i ASan log: ==25184==ERROR: AddressSanitizer: heap-use-after-free on address 0x61a000076e80 at pc 0x000115bea4e0 bp 0x7fff52cef2e...
CVE-2017-2476
creationtimestamp| type| source ---|---|--- 2017-04-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41814...
CVE-2017-2476
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and...
CVE-2017-2476
CVE-2017-2476 affects WebKit in Apple products (iOS pre-10.3, Safari pre-10.1, tvOS pre-10.2). Root cause: type confusion in WebKit; exploit via crafted web content can trigger remote code execution, memory corruption, or application crash. Remediation: update to patched versions per Apple adviso...