HTTP: Apple Webkit Type Confusion
This signature detects attempts to exploit a known vulnerability against Apple Webkit. A successful attack can lead to arbitrary code execution.
Extended Description
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
Affected Products
Redhat enterprise_linux_workstation
References
CVE: CVE-2019-8506
Short Name
HTTP:STC:DL:APPLE-TYPE-CNFSN-CE
Severity
Critical
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apple CVE-2019-8506 Confusion Type Webkit
Release Date
12/10/2021
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Apple
Redhat
CVSS Score
9.3