3 matches found
EUVD-2018-16887
Malware in sbrugna...
Apple Webkit Button First-Letter Style Rendering Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. Authentication is not required to exploit this vulnerability. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or ope...
Apple Safari Webkit SVG First-Letter样式远程代码执行漏洞
BUGTRAQ ID: 42037 CVE ID: CVE-2010-1785 Safari是苹果家族机器操作系统中默认捆绑的WEB浏览器。 Safari的Webkit没有正确地实现SVG文本元素上下文中的first-letter样式,在将该样式应用到这个元素时首先会计算高度以判断 inline box的溢出。在遍历高度元素时,函数库会使用来自不存在linebox的数据。成功攻击会导致执行任意代码。 Apple Safari 5.x Apple Safari 4.x 厂商补丁: Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...