HTTP: Apple Safari Right-to-Left Text Rendering Use After Free Vulnerability
This signature detects attempts to exploit a known memory corruption vulnerability in Apple Safari. It is due to a use-after-free error when handling HTML elements containing right-to-left displayed text. Remote attackers can exploit this to execute arbitrary code on the target machine by enticing a user into opening a specially crafted HTML document. In a successful attack, the behavior of the target machine depends entirely on the intention of the injected code, which runs within the security context of the logged on user. In an unsuccessful attack, the vulnerable application can terminate abnormally.
Extended Description
WebKit is prone to a remote memory-corruption vulnerability; fixes are available. Successful exploits may allow the attacker to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition. This issue was previously documented in BID 38671 (Apple Safari Prior to 4.0.5 Multiple Security Vulnerabilities) but has been given its own record to better document it.
Affected Products
Apple ipod_touch,Red_hat fedora
Short Name
HTTP:STC:SAFARI:RTL-USE-FREE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
After Apple CVE-2010-0049 Free Rendering Right-to-Left Safari Text Use Vulnerability bid:38689
Release Date
10/20/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Mandriva
Webkit_open_source_project
Apple
Ubuntu
CVSS Score
9.3