HTTP: Apple Safari CVE-2017-2464 Memory Corruption

This signature detects attempts to exploit a known vulnerability against Apple Safari. A successful attack can lead to arbitrary code execution.

Extended Description

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Affected Products

Apple tvos

References

CVE: CVE-2017-2464

Short Name
HTTP:STC:CVE-2017-2464-MC
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apple CVE-2017-2464 Corruption Memory Safari
Release Date
05/18/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Apple

CVSS Score

6.8

Found a potential security threat?