HTTP: Apple Safari WebKit Range Object Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Apple Safari WebKit. A successful attack can lead to a arbitrary remote code execution within the context of the affected application.
Extended Description
WebKit is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into visiting a malicious webpage with a vulnerable application. Successful exploits will allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. NOTE: This issue was previously discussed in BID 46654 (WebKit Multiple Memory Corruption Vulnerabilities) but has been given its own record to better document it.
Affected Products
Apple iphone,Apple safari
Short Name
HTTP:STC:SAFARI:WEBKIT-RANGEOBJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple CVE-2011-0115 Code Execution Object Range Remote Safari WebKit bid:46746
Release Date
03/24/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Webkit_open_source_project
Apple
CVSS Score
7.6