exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Zero Day Initiative Advisory 10-098
Posted Jun 9, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-098 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required in that a user must visit a website or open a malicious document. The specific flaw exists within the way Webkit implements the 'first-letter' css style. If a container with the first-color style has it's contents replaced with a particular element, the library will create a dual reference of the style in order to apply to its contents. Later when the element is freed, the dangling reference will still be applied to the style. Upon navigating the document's styles for either repainting or style recalculation, the application will access the freed memory which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2010-1401
MD5 | 0a4bb5232c03fc25ffa9757bb06ff15d
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Medical Records For 24.3 Million Left Exposed
Posted Sep 18, 2019

tags | headline, privacy, usa, data loss, fraud
New Algorithms Aim To Stamp Out Abuse On Twitter
Posted Sep 18, 2019

tags | headline, fraud, twitter
Poor Protocol Design For IoT Devices Fueling DDoS
Posted Sep 18, 2019

tags | headline, denial of service, flaw
Novaestrat Exec Arrested After Ecuadorian Data Leak
Posted Sep 18, 2019

tags | headline, government, privacy, data loss
Alleged JPMorgan Hacker Set To Plead Guilty
Posted Sep 17, 2019

tags | headline, hacker, bank
The Air Force Will Let Hackers Try To Hijack An Orbiting Satellite
Posted Sep 17, 2019

tags | headline, hacker, usa, conference, military
Gootkit Crew Left Database Exposed Without A Password
Posted Sep 17, 2019

tags | headline, malware, database, data loss, fraud
Attackers Pose As Business Executives To Secure Security Certificates
Posted Sep 17, 2019

tags | headline, cybercrime, fraud, cryptography
Personal Data From Entire 16.6M Population Of Ecuador Leaked Online
Posted Sep 16, 2019

tags | headline, privacy, data loss
Uber Confirms Account Takeover Vulnerability
Posted Sep 16, 2019

tags | headline, hacker, privacy, flaw
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close