Lucene search
AnonymousZDI-08-045HistoryJul 25, 2008 - 12:00 a.m.
Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability
2008-07-2500:00:00
Anonymous
www.zerodayinitiative.com
9
0.783 High
EPSS
Percentile
98.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the garbage collection of JavaScript document elements in WebCore. When a CSSStyleSheet object of a style element is copied, and the style element is deallocated, a reference to the ownerNode property of the copied CSSStyleSheet object will result in a heap corruption allowing for the execution of arbitrary code.
References
Related
securityvulns
securityvulns
Apple Safari memory corruption
2008-07-26 00:00:00
ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability
2008-07-26 00:00:00
cve
cve
CVE-2008-2317
2008-07-14 18:41:00
CVE-2008-1590
2008-07-14 18:41:00
prion
prion
Memory corruption
2008-07-14 18:41:00
Design/Logic Flaw
2008-07-14 18:41:00
cvelist
cvelist
CVE-2008-1590
2008-07-14 18:00:00
CVE-2008-2317
2008-07-14 18:00:00
nvd
nvd
CVE-2008-2317
2008-07-14 18:41:00
CVE-2008-1590
2008-07-14 18:41:00
seebug
seebug
Apple iPhone和iPod Touch 2.0版修复多个安全漏洞
2008-07-14 00:00:00
nessus
nessus
Safari < 3.2 Multiple Vulnerabilities
2008-11-14 00:00:00
Mac OS X : Apple Safari < 3.2
2008-11-14 00:00:00
Safari < 3.2 Multiple Vulnerabilities
2008-11-14 00:00:00