Computer Security
[EN] securityvulns.ru no-pyccku


Apple Safari memory corruption
Published:26.07.2008
Source:
SecurityVulns ID:9175
Type:client
Threat Level:
5/10
Description:memory corruption on stylesheets parsing.
CVE:CVE-2008-2317 (WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a reference to the ownerNode property of a copied CSSStyleSheet object of a STYLE element, as originally demonstrated on Apple iPhone before 2.0 and iPod touch before 2.0, a different vulnerability than CVE-2008-1590.)
Original documentdocumentZDI, ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability (26.07.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod