HTTP: Apple Safari WebKit SVG Markers Use-After-Free Memory Corruption
This signature detects attempts to exploit a known vulnerability against Apple Safari Webkit. A successful attack can lead to arbitrary code execution.
Extended Description
WebKit is prone to a remote code-execution vulnerability due to memory corruption. Attackers can exploit this issue by enticing an unsuspecting user to visit a malicious Web page. Successful attacks will result in arbitrary code execution; failed attacks may cause denial-of-service conditions. NOTE: This issue was previously discussed in BID 48808 (Apple Safari Prior to 5.1 and 5.0.6 Multiple Security Vulnerabilities) but has been given its own record to better document it.
Affected Products
Apple iphone,Apple itunes
Short Name
HTTP:STC:SAFARI:WEBKIT-SVG-MARK
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple CVE-2011-1453 Corruption Markers Memory SVG Safari Use-After-Free WebKit bid:48855
Release Date
08/15/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Webkit_open_source_project
Apple
CVSS Score
9.3