exploit the possibilities
Showing 1 - 3 of 3 RSS Feed

CVE-2011-0240

Status Candidate

Overview

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Related Files

Apple Security Advisory 2011-10-11-1
Posted Oct 12, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-10-11-1 - iTunes 10.5 has been released and addresses CoreFoundation, ColorSync, CoreAudio, CoreMedia, ImageIO, WebKit, and various other vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2010-1823, CVE-2011-0164, CVE-2011-0200, CVE-2011-0204, CVE-2011-0215, CVE-2011-0218, CVE-2011-0221, CVE-2011-0222, CVE-2011-0223, CVE-2011-0225, CVE-2011-0232, CVE-2011-0233, CVE-2011-0234, CVE-2011-0235, CVE-2011-0237, CVE-2011-0238, CVE-2011-0240, CVE-2011-0253, CVE-2011-0254, CVE-2011-0255, CVE-2011-0259, CVE-2011-0981, CVE-2011-0983, CVE-2011-1109, CVE-2011-1114, CVE-2011-1115, CVE-2011-1117, CVE-2011-1121
MD5 | f412afeac9ef3ebef2f9d5757132d08d
iDefense Security Advisory 07.20.11 - Webkit Memory Corruption
Posted Jul 21, 2011
Authored by iDefense Labs, wushi | Site idefense.com

iDefense Security Advisory 07.20.11 - Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user. Scalable Vector Graphics (SVG) is an XML based file format used to describe two dimensional vector graphics. It defines both a markup language, and a JavaScript interface. When parsing a series of SVG tags, and then manipulating them via JavaScript, Safari fails to handle exceptional conditions. It is possible to trigger a use after free vulnerability by manipulating the animVal property of various SVG tags. This leaves a C++ object pointer in an inconsistent state, which can lead to the execution of arbitrary code. Safari versions prior to 5.1 and 5.0.6 are vulnerable.

tags | advisory, remote, arbitrary, javascript
advisories | CVE-2011-0240
MD5 | 084f794d6ddec703cebfa1ab4a6c71f0
Apple Security Advisory 2011-07-20-1
Posted Jul 21, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-07-20-1 - A large amount of security issues have been addressed in Safari versions 5.1 and 5.0.6. These range from cross site scripting, possible arbitrary code execution, accidental trust in a disable root certificate, buffer and integer overflows, and more.

tags | advisory, overflow, arbitrary, root, code execution, xss
systems | apple
advisories | CVE-2010-1383, CVE-2010-1420, CVE-2010-1823, CVE-2010-3829, CVE-2011-0164, CVE-2011-0195, CVE-2011-0200, CVE-2011-0201, CVE-2011-0202, CVE-2011-0204, CVE-2011-0206, CVE-2011-0214, CVE-2011-0215, CVE-2011-0216, CVE-2011-0217, CVE-2011-0218, CVE-2011-0219, CVE-2011-0221, CVE-2011-0222, CVE-2011-0223, CVE-2011-0225, CVE-2011-0232, CVE-2011-0233, CVE-2011-0234, CVE-2011-0235, CVE-2011-0237, CVE-2011-0238, CVE-2011-0240
MD5 | f4872bf7b4569d341c9eeaa28b85e926
Page 1 of 1
Back1Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close