HTTP: Apple Safari Regular Expression Heap Buffer Overflow

This signature detects attempts to exploit a known vulnerability in Apple Safari. An attacker can create a malicious Web site containing a dangerous JavaScript, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Extended Description

Apple iPhone Mobile Safari Browser is prone to a remote heap-overflow vulnerability that can allow an attacker to gain unauthorized access to a device with administrative privileges. The researchers responsible for discovering this issue have developed exploit code that can steal sensitive information from a vulnerable device and send it to a remote server. Another proof of concept that exploits the same issue can be used to perform physical actions on the phone such as making a sound or setting the phone to vibrate. The researchers have not yet disclosed the complete details of this vulnerability but will do so as part of a presentation for the BlackHat security conference on August 2, 2007. This issue also affects Safari on other platforms including Windows and Mac OS X.

Affected Products

Apple iphone,Apple safari

Short Name
HTTP:STC:SAFARI:MAL-REGEX
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple Buffer CVE-2007-3944 Expression Heap Overflow Regular Safari bid:25002
Release Date
09/13/2007
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3729
False Positive
Rarely
Vendors

Apple

CVSS Score

9.3

Found a potential security threat?