HTTP: Apple Safari WebKit SVG Memory Corruption
This signature detects attempts to exploit a known vulnerability against Apple Safari WebKit SVG. A successful attack can lead to arbitrary code execution.
Extended Description
WebKit is prone to a remote code-execution vulnerability due to memory corruption. Attackers can exploit this issue by enticing an unsuspecting user to visit a malicious webpage. Successful attacks will result in arbitrary code execution; failed attacks may cause denial-of-service conditions. NOTE: This issue was previously discussed in BID 48808 (Apple Safari Prior to 5.1 and 5.0.6 Multiple Security Vulnerabilities) but has been given its own record to better document it.
Affected Products
Apple iphone,Apple safari
Short Name
HTTP:STC:SAFARI:WEBKIT-SVG-MC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple CVE-2011-0222 Corruption Memory SVG Safari WebKit bid:48844
Release Date
08/03/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Webkit_open_source_project
Apple
CVSS Score
9.3