HTTP: Apple Safari CVE-2016-4622 Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Apple Safari. A successful attack can lead to arbitrary code execution.
Extended Description
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624.
Affected Products
Apple iphone_os
References
CVE: CVE-2016-4622
URL: https://github.com/tunz/js-vuln-db/blob/master/jsc/CVE-2016-4622.md
Short Name
HTTP:STC:APPLE-CVE-2016-4622-CE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apple CVE-2016-4622 Code Execution Remote Safari
Release Date
05/18/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Apple
CVSS Score
6.8