Zero Day Initiative Advisory 10-101 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's support of the run-in display property. On insertion of a specific element with the "run-in" display property, the application will create a duplicate reference of a child element used to support that attribute. Upon destruction of the parent container, the application will then call the destructor for this child element multiple times. Successful exploitation can lead to code execution under the context of the application.
9342f3bf4b7690aedf36bbb08aa68195117842acf9998983e5af8cdc3bec36bf
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed