Lucene search
Kai Kang(a.k.a 4B5F5F4B) of Tencent's Xuanwu LAB(http://www.tencent.com)ZDI-17-345HistoryMay 15, 2017 - 12:00 a.m.
Apple Safari RenderInline Use-After-Free Remote Code Execution Vulnerability
2017-05-1500:00:00
Kai Kang(a.k.a 4B5F5F4B) of Tencent's Xuanwu LAB(http://www.tencent.com)
www.zerodayinitiative.com
10
EPSS
0.012
Percentile
85.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of RenderInline objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process.
References
Related
prion
prion
Memory corruption
2017-05-22 05:29:00
cve
cve
CVE-2017-2526
2017-05-22 05:29:01
cvelist
cvelist
CVE-2017-2526
2017-05-22 04:54:00
nvd
nvd
CVE-2017-2526
2017-05-22 05:29:01
debiancve
debiancve
CVE-2017-2526
2017-05-22 05:29:01
ubuntucve
ubuntucve
CVE-2017-2526
2017-05-22 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities (HT207804)
2017-05-16 00:00:00
nessus
nessus
macOS : Apple Safari < 10.1.1 Multiple Vulnerabilities
2017-05-23 00:00:00
Apple iOS < 10.3.2 Multiple Vulnerabilities
2017-05-18 00:00:00
GLSA-201706-15 : WebKitGTK+: Multiple vulnerabilities
2017-06-08 00:00:00
apple
apple
About the security content of Safari 10.1.1
2017-05-15 00:00:00
About the security content of Safari 10.1.1 - Apple Support
2017-06-26 04:38:16
About the security content of iOS 10.3.2
2017-05-15 00:00:00
gentoo
gentoo
WebKitGTK+: Multiple vulnerabilities
2017-06-07 00:00:00