Lucene search
Ian Beer of Google Project ZeroZDI-14-090HistoryApr 11, 2014 - 12:00 a.m.
(Pwn2Own\Pwn4Fun) Apple Webkit JSStringJoiner Memory Corruption Remote Code Execution Vulnerability
2014-04-1100:00:00
Ian Beer of Google Project Zero
www.zerodayinitiative.com
17
EPSS
0.167
Percentile
96.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of string objects. The issue lies in the joining of strings in an array. An attacker can leverage this vulnerability to execute code under the context of the current process.
References
Related
prion
prion
Code injection
2014-03-26 14:55:00
seebug
seebug
Apple Safariδ»»ζ代η ζ§θ‘ζΌζ΄
2014-03-27 00:00:00
cvelist
cvelist
CVE-2014-1300
2014-03-26 14:00:00
cve
cve
CVE-2014-1300
2014-03-26 14:55:05
nvd
nvd
CVE-2014-1300
2014-03-26 14:55:05
openvas
openvas
securityvulns
securityvulns
APPLE-SA-2014-04-22-2 iOS 7.1.1
2014-05-04 00:00:00
Apple TV multiple security vulnerabitilies
2014-05-04 00:00:00
Apple iOS multiple security vulnerabilities
2014-05-04 00:00:00
nessus
nessus
Apple TV < 6.1.1 Multiple Vulnerabilities
2014-05-29 00:00:00
Mac OS X : Apple Safari < 6.1.3 / 7.0.3 Multiple Vulnerabilities
2014-04-02 00:00:00
Safari < 6.1.3 / 7.0.3 Multiple Vulnerabilities
2014-04-10 00:00:00