Zero Day Initiative Advisory 12-191 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of a HTMLMedia element. After a source element is created, an attacker can catch the beforeLoad event before the element is used, and delete the element. The pointer to the source element will then be referenced causing a use-after-free condition, which can lead to code execution under the context of the application.
f8ad76efb6dc7c54fabe36b22f6cc735fa61cf7900c7f5472118ee228b4bde4a
Apple Security Advisory 2012-09-12-1 - iTunes 10.7 is now available and addresses multiple memory corruption issues in webkit.
8f27ac75b6ce51b0fdc6c2b6f2d18541eb8e57e34aa68e9dc16e36ea16418c79
Ubuntu Security Notice 1524-1 - A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
cbaae6919431428ce28f0525f8b4610c12e3488e31906a3c083d3654bfca78e3
Apple Security Advisory 2012-07-25-1 - A cross-site scripting issue existed in the handling of feed:// URLs in Safari. An autocomplete flaw was also fixed in Safari. Various other Safari issues have also been addressed. Webkit had code execution, cross origin, access control, and various other vulnerability issues addressed.
8732227d6e75dc119efc7310ee76893499230d392a70d317817005bf2619e391
Gentoo Linux Security Advisory 201204-3 - Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 18.0.1025.151 are affected.
b701e0af7fd5d3bb49ccbc4fccd62c9703b155c464213a93ce5483d96ca2f2b6