HTTP: Apple Safari Webkit Javascript Array Sort Function Heap Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Apple Safari Web Browser. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Extended Description

Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays.

Affected Products

Apple safari

References

BugTraq: 56362

CVE: CVE-2012-3748

Short Name
HTTP:STC:SAFARI:JSARR-SORT-HOVF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple Array Buffer CVE-2012-3748 Function Heap Javascript Overflow Safari Sort Webkit bid:56362
Release Date
09/17/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Apple

CVSS Score

5.1

Found a potential security threat?