Lucene search
MWRZDI-19-127HistoryJan 25, 2019 - 12:00 a.m.
Apple Safari RTCPeerConnection Use-After-Free Remote Code Execution Vulnerability
2019-01-2500:00:00
MWR
www.zerodayinitiative.com
11
EPSS
0.008
Percentile
82.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of RTCPeerConnection objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.
References
Related
cvelist
cvelist
CVE-2019-6211
2019-03-05 16:00:00
nvd
nvd
CVE-2019-6211
2019-03-05 16:29:00
prion
prion
Memory corruption
2019-03-05 16:29:00
cve
cve
CVE-2019-6211
2019-03-05 16:29:00
openvas
openvas
Apple Mac OS X Security Updates (HT209446)-02
2019-01-23 00:00:00
nessus
nessus
macOS 10.14.x < 10.14.3 Multiple Vulnerabilities
2019-01-25 00:00:00
apple
apple
About the security content of macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra - Apple Support
2019-01-22 06:16:11
About the security content of macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra
2019-01-22 00:00:00
About the security content of iOS 12.1.3
2019-01-22 00:00:00