webkit

241 items tagged "webkit"

Related tags: style [+], dom [+], web page versions [+], vulnerability research [+], use [+], critical vulnerability [+], html [+], handling [+], free [+], exploit [+], css [+], code execution [+], safari [+], proof of concept [+], apple iphone [+], zdi [+], user [+], touch [+], text [+], security advisory [+], multiple [+], ipod [+], cross [+], corruption [+], array [+], memory corruption [+], apple safari [+], wbr [+], txt [+], text element [+], tag [+], stack [+], regular expression [+], objects [+], javascript [+], information disclosure [+], iframe [+], expression [+], exhaustion [+], domain information [+], bound [+], block [+], windows management instrumentation [+], vulnerabilities [+], tags [+], style tag [+], scroll [+], resource load [+], resource [+], protocol [+], object pointer [+], normalize [+], method [+], load [+], left [+], integer overflow [+], integer [+], instrumentation service [+], initiative [+], http [+], free memory [+], format [+], file [+], execution [+], event [+], elements [+], domain issues [+], domain [+], displayed [+], dimensional vector [+], css format [+], creation vulnerability [+], creation [+], arbitrary code [+], advisory [+], webcore [+], vertical [+], type [+], truncation [+], token [+], time [+], target [+], tag removal [+], stubs [+], security [+], redirects [+], point [+], parent container [+], numeric character references [+], numeric [+], node [+], mime type [+], mime [+], keyboard focus [+], keyboard [+], javascript array [+], interface [+], information [+], image pattern [+], image [+], hover [+], history [+], geolocation [+], foreignobject [+], focus [+], floating point [+], exploits [+], element code [+], datatype [+], custom [+], css styled [+], character [+], bugtraq [+], bug [+], browser [+], apple security [+], zero day [+], memory [+], code [+], remote [+], window [+], webpage [+], watering [+], vulnerable version [+], vortex [+], usn [+], user interface [+], uri spoofing [+], uri clipboard [+], update [+], uninitialized [+], tree [+], svg documents [+], svg document [+], styling [+], stale [+], src [+], software versions [+], security weakness [+], secunia [+], safari for windows [+], runin [+], run in [+], root [+], replacestate [+], removechild [+], recalculation [+], read [+], random number generator [+], pwn [+], property [+], port [+], pointer [+], plugs [+], pasting [+], overflow error [+], operation [+], nested [+], mouse [+], mdvsa [+], marker [+], malicious website [+], mac os x [+], mac os [+], local [+], link [+], libxslt [+], library user [+], library [+], letter style [+], irc [+], integer overflow vulnerability [+], insufficient [+], images [+], html tags [+], html button [+], home [+], history feature [+], handler [+], hacks [+], google [+], function [+], free error [+], frame src [+], frame [+], fonts [+], first [+], feature address [+], feature [+], execcommand [+], error [+], entropy [+], element element [+], editing [+], editable [+], dsa [+], domain spoofing [+], dom range [+], dom prototype [+], dom event [+], document fragments [+], document [+], disclosure [+], darknet [+], dangling pointer [+], cross site scripting [+], contenteditable [+], container [+], clipboard [+], caption element [+], caption [+], buffer overflow vulnerability [+], browser interface [+], browser engine [+], box [+], body element [+], attribute [+], apple safari for windows [+], anchor tag [+], anchor [+], alink [+], ExploitsVulnerabilities [+], Area [+], day [+], zero [+], information disclosure vulnerability [+], svg [+], application [+], safer use [+], element [+], denial of service [+], apple webkit [+], unspecified [+], android [+], service vulnerability [+], vulnerability [+]

May 10, 2012
8:24
Apple Security Advisory 2012-05-09-2
» ‎ Packet Storm Security Advisories

Apple Security Advisory 2012-05-09-2 - Safari 5.1.7 is now available and addresses multiple WebKit related vulnerabilities.
Tags: advisory safari webkit apple-security security-advisory vulnerabilities

8:24
Apple Security Advisory 2012-05-09-2
» ‎ Packet Storm Security Recent Files

Apple Security Advisory 2012-05-09-2 - Safari 5.1.7 is now available and addresses multiple WebKit related vulnerabilities.
Tags: advisory safari webkit apple-security security-advisory vulnerabilities

May 08, 2012
12:11
Apple Security Advisory 2012-05-07-1
» ‎ Packet Storm Security Advisories

Apple Security Advisory 2012-05-07-1 - A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. Multiple cross site scripting issues existed in WebKit along with a memory corruption issue.
Tags: memory-corruption webkit security-advisory

12:11
Apple Security Advisory 2012-05-07-1
» ‎ Packet Storm Security Recent Files

Apple Security Advisory 2012-05-07-1 - A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. Multiple cross site scripting issues existed in WebKit along with a memory corruption issue.
Tags: memory-corruption webkit security-advisory

12:11
Apple Security Advisory 2012-05-07-1
» ‎ Packet Storm Security Misc. Files

Apple Security Advisory 2012-05-07-1 - A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. Multiple cross site scripting issues existed in WebKit along with a memory corruption issue.
Tags: memory-corruption webkit security-advisory

April 18, 2012
0:00
Vuln: WebKit Multiple Unspecified Memory Corruption Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

WebKit Multiple Unspecified Memory Corruption Vulnerabilities
Tags: multiple webkit unspecified memory-corruption
March 27, 2012
0:00
Vuln: WebKit CSS 'format()' Arguments Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CSS 'format()' Arguments Memory Corruption Vulnerability
Tags: format webkit css memory-corruption css-format
March 12, 2012
0:00
Vuln: WebKit Multiple Unspecified Memory Corruption Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

WebKit Multiple Unspecified Memory Corruption Vulnerabilities
Tags: multiple webkit unspecified memory-corruption
0:00
Vuln: WebKit Multiple Unspecified Cross Site Scripting Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

WebKit Multiple Unspecified Cross Site Scripting Vulnerabilities
Tags: multiple webkit unspecified
0:00
Vuln: WebKit Multiple Unspecified Memory Corruption Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

WebKit Multiple Unspecified Memory Corruption Vulnerabilities
Tags: multiple webkit unspecified memory-corruption

February 08, 2012
13:38
Android Webkit XSS / Cross Domain Issues
» ‎ Packet Storm Security Exploits

Android suffers from multiple cross site scripting, cross domain, auto file download and cross protocol vulnerabilities.
Tags: cross domain android domain-issues webkit protocol

13:38
Android Webkit XSS / Cross Domain Issues
» ‎ Packet Storm Security Recent Files

Android suffers from multiple cross site scripting, cross domain, auto file download and cross protocol vulnerabilities.
Tags: cross domain android domain-issues webkit protocol

13:38
Android Webkit XSS / Cross Domain Issues
» ‎ Packet Storm Security Misc. Files

Android suffers from multiple cross site scripting, cross domain, auto file download and cross protocol vulnerabilities.
Tags: cross domain android domain-issues webkit protocol

February 02, 2012
0:00
Vuln: WebKit 'Node.normalize' Method Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'Node.normalize' Method Remote Code Execution Vulnerability
Tags: webkit method node code-execution vulnerability

February 01, 2012
17:45
Android 2.2 Webkit Normalize
» ‎ Packet Storm Security Exploits

Proof of concept exploit that demonstrates the Webkit normalize bug for Android version 2.2.
Tags: normalize android webkit proof-of-concept exploit

17:45
Android 2.2 Webkit Normalize
» ‎ Packet Storm Security Recent Files

Proof of concept exploit that demonstrates the Webkit normalize bug for Android version 2.2.
Tags: normalize android webkit proof-of-concept exploit

17:45
Android 2.2 Webkit Normalize
» ‎ Packet Storm Security Misc. Files

Proof of concept exploit that demonstrates the Webkit normalize bug for Android version 2.2.
Tags: normalize android webkit proof-of-concept exploit

14:00
[webapps / 0day] - Webkit normalize bug for android 2.2 (CVE-2010-1759)
» ‎ 1337day (was: Inj3ct0r, 1337db)

[webapps / 0day] - Webkit normalize bug for android 2.2 (CVE-2010-1759)
Tags: day bug webkit
14:00
[remote exploits] - Webkit normalize bug for android 2.2 (CVE-2010-1759)
» ‎ 1337day (was: Inj3ct0r, 1337db)

[remote exploits] - Webkit normalize bug for android 2.2 (CVE-2010-1759)
Tags: bug android webkit exploits

December 21, 2011
14:09
Apple Webkit setAttributes attributeChanged Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Webkit Library.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability execution apple-webkit code-execution safer-use webkit
14:04
Apple Safari Webkit SVG Marker Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability webkit apple-safari code-execution safer-use
14:04
Apple Safari Webkit FrameOwner Element Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability webkit apple-safari element-code code-execution

December 12, 2011
0:00
Vuln: WebKit ':visited' CSS Pseudo-class Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit ':visited' CSS Pseudo-class Information Disclosure Vulnerability
Tags: information-disclosure-vulnerability webkit
December 09, 2011
0:00
Vuln: WebKit SVG CVE-2010-3113 Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit SVG CVE-2010-3113 Memory Corruption Vulnerability
Tags: webkit memory svg memory-corruption vulnerability
December 08, 2011
0:00
Vuln: WebKit SVG CVE-2010-3113 Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit SVG CVE-2010-3113 Memory Corruption Vulnerability
Tags: webkit memory svg memory-corruption vulnerability
November 21, 2011
0:00
Vuln: WebKit CSS 'format()' Arguments Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CSS 'format()' Arguments Memory Corruption Vulnerability
Tags: format webkit css memory-corruption css-format
November 04, 2011
0:00
Vuln: Webkit SVG Out of Bound Array Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Webkit SVG Out of Bound Array Denial of Service Vulnerability
Tags: bound svg webkit service-vulnerability denial-of-service array

October 18, 2011
7:10
Apple Safari Webkit libxslt Arbitrary File Creation
» ‎ Packet Storm Security Exploits

This Metasploit module exploits a file creation vulnerability in the Webkit rendering engine. It is possible to redirect the output of a XSLT transformation to an arbitrary file. The content of the created file must be ASCII or UTF-8. The destination path can be relative or absolute. This Metasploit module has been tested on Safari and Maxthon. Code execution can be achieved by first uploading the payload to the remote machine in VBS format, and then upload a MOF file, which enables Windows Management Instrumentation service to execute the VBS.
Tags: file creation webkit apple-safari windows-management-instrumentation instrumentation-service creation-vulnerability

7:10
Apple Safari Webkit libxslt Arbitrary File Creation
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a file creation vulnerability in the Webkit rendering engine. It is possible to redirect the output of a XSLT transformation to an arbitrary file. The content of the created file must be ASCII or UTF-8. The destination path can be relative or absolute. This Metasploit module has been tested on Safari and Maxthon. Code execution can be achieved by first uploading the payload to the remote machine in VBS format, and then upload a MOF file, which enables Windows Management Instrumentation service to execute the VBS.
Tags: file creation webkit apple-safari windows-management-instrumentation instrumentation-service creation-vulnerability

7:10
Apple Safari Webkit libxslt Arbitrary File Creation
» ‎ Packet Storm Security Misc. Files

This Metasploit module exploits a file creation vulnerability in the Webkit rendering engine. It is possible to redirect the output of a XSLT transformation to an arbitrary file. The content of the created file must be ASCII or UTF-8. The destination path can be relative or absolute. This Metasploit module has been tested on Safari and Maxthon. Code execution can be achieved by first uploading the payload to the remote machine in VBS format, and then upload a MOF file, which enables Windows Management Instrumentation service to execute the VBS.
Tags: file creation webkit apple-safari windows-management-instrumentation instrumentation-service creation-vulnerability

October 11, 2011
0:00
Vuln: WebKit 'libxslt' Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'libxslt' Remote Code Execution Vulnerability
Tags: code-execution webkit vulnerability
0:00
Vuln: WebKit CVE-2011-1457 Memory Corruption Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-1457 Memory Corruption Remote Code Execution Vulnerability
Tags: memory-corruption code-execution webkit
August 23, 2011
0:00
Vuln: Webkit SVG Out of Bound Array Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Webkit SVG Out of Bound Array Denial of Service Vulnerability
Tags: bound svg webkit service-vulnerability denial-of-service array
August 11, 2011
0:00
Vuln: WebKit CVE-2011-0222 Memory Corruption Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0222 Memory Corruption Remote Code Execution Vulnerability
Tags: corruption remote memory memory-corruption code-execution webkit
August 08, 2011
0:00
Vuln: WebKit CVE-2011-1453 Memory Corruption Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-1453 Memory Corruption Remote Code Execution Vulnerability
Tags: corruption remote memory memory-corruption code-execution webkit
August 02, 2011
0:00
Vuln: WebKit 'libxslt' Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'libxslt' Remote Code Execution Vulnerability
Tags: code remote libxslt code-execution webkit vulnerability
July 29, 2011
0:00
Vuln: Apple Safari WebKit JavaScript Regular Expression Handling Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Apple Safari WebKit JavaScript Regular Expression Handling Buffer Overflow Vulnerability
Tags: javascript webkit expression apple-safari buffer-overflow-vulnerability regular-expression

July 28, 2011
0:04
Zero Day Initiative Advisory 11-242
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 11-242 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application frees references from a particular element. When freeing these references, the application will fail to remove the reference from the rendering object. Later upon trying to free the element again, the application will access the freed reference which can lead to code execution under the context of the application.
Tags: day zero application apple-safari zero-day webkit

0:04
Zero Day Initiative Advisory 11-242
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 11-242 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application frees references from a particular element. When freeing these references, the application will fail to remove the reference from the rendering object. Later upon trying to free the element again, the application will access the freed reference which can lead to code execution under the context of the application.
Tags: day zero application apple-safari zero-day webkit

0:04
Zero Day Initiative Advisory 11-242
» ‎ Packet Storm Security Misc. Files

Zero Day Initiative Advisory 11-242 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application frees references from a particular element. When freeing these references, the application will fail to remove the reference from the rendering object. Later upon trying to free the element again, the application will access the freed reference which can lead to code execution under the context of the application.
Tags: day zero application apple-safari zero-day webkit

July 27, 2011
15:00
Bugtraq: ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability
Tags: code remote style code-execution webkit zdi

14:17
Zero Day Initiative Advisory 11-240
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 11-240 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's support of SVG markers. When updating a marker, the application will duplicate the reference of an object without updating its reference count. When freeing this object, a use-after-free vulnerability can be made to occur. This can be leveraged by a remote attacker to execute code under the context of the user running the application.
Tags: day zero vulnerability apple-safari zero-day webkit

14:17
Zero Day Initiative Advisory 11-240
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 11-240 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's support of SVG markers. When updating a marker, the application will duplicate the reference of an object without updating its reference count. When freeing this object, a use-after-free vulnerability can be made to occur. This can be leveraged by a remote attacker to execute code under the context of the user running the application.
Tags: day zero vulnerability apple-safari zero-day webkit

14:17
Zero Day Initiative Advisory 11-240
» ‎ Packet Storm Security Misc. Files

Zero Day Initiative Advisory 11-240 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's support of SVG markers. When updating a marker, the application will duplicate the reference of an object without updating its reference count. When freeing this object, a use-after-free vulnerability can be made to occur. This can be leveraged by a remote attacker to execute code under the context of the user running the application.
Tags: day zero vulnerability apple-safari zero-day webkit

14:00
Bugtraq: ZDI-11-240: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

ZDI-11-240: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability
Tags: marker svg webkit apple-safari code-execution zdi
14:00
Bugtraq: ZDI-11-241: Webkit setAttributes attributeChanged Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

ZDI-11-241: Webkit setAttributes attributeChanged Remote Code Execution Vulnerability
Tags: code remote webkit code-execution zdi

8:28
Zero Day Initiative Advisory 11-239
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 11-239 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of a FrameOwner element. When building this tree, the application will create a duplicate reference of an element. By freeing the referenced element, a use-after-free condition can be made to occur which can lead to code execution under the context of the application.
Tags: day zero element apple-safari zero-day webkit

8:28
Zero Day Initiative Advisory 11-239
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 11-239 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of a FrameOwner element. When building this tree, the application will create a duplicate reference of an element. By freeing the referenced element, a use-after-free condition can be made to occur which can lead to code execution under the context of the application.
Tags: day zero element apple-safari zero-day webkit

8:28
Zero Day Initiative Advisory 11-239
» ‎ Packet Storm Security Misc. Files

Zero Day Initiative Advisory 11-239 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of a FrameOwner element. When building this tree, the application will create a duplicate reference of an element. By freeing the referenced element, a use-after-free condition can be made to occur which can lead to code execution under the context of the application.
Tags: day zero element apple-safari zero-day webkit

0:00
Vuln: WebKit CVE-2011-0232 Memory Corruption Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0232 Memory Corruption Remote Code Execution Vulnerability
Tags: corruption remote memory memory-corruption code-execution webkit
0:00
Vuln: WebKit CVE-2011-0255 Memory Corruption Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0255 Memory Corruption Remote Code Execution Vulnerability
Tags: corruption remote memory memory-corruption code-execution webkit

July 26, 2011
19:09
Webkit Detached Body Element Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari WebKit.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability webkit apple-safari element-code body-element code-execution

July 25, 2011
7:30
Safari / Webkit Memory Corruption Proof Of Concept
» ‎ Packet Storm Security Exploits

Webkit memory corruption proof of concept exploit that can be leveraged against Safari versions prior to 5.1 and 5.0.6.
Tags: safari memory webkit memory-corruption proof-of-concept

7:30
Safari / Webkit Memory Corruption Proof Of Concept
» ‎ Packet Storm Security Recent Files

Webkit memory corruption proof of concept exploit that can be leveraged against Safari versions prior to 5.1 and 5.0.6.
Tags: safari memory webkit memory-corruption proof-of-concept

7:30
Safari / Webkit Memory Corruption Proof Of Concept
» ‎ Packet Storm Security Misc. Files

Webkit memory corruption proof of concept exploit that can be leveraged against Safari versions prior to 5.1 and 5.0.6.
Tags: safari memory webkit memory-corruption proof-of-concept

7:19
Webkit Memory Corruption / Code Execution
» ‎ Packet Storm Security Advisories

Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user. Scalable Vector Graphics (SVG) is an XML based file format used to describe two dimensional vector graphics. It defines both a markup language, and a JavaScript interface. When processing DOM queries to SVG tags, Safari fails to handle exceptional conditions. It is possible to trigger a use after free vulnerability by query some properties of SVG tags. This leaves a C++ object pointer in an inconsistent state, which can lead to the execution of arbitrary code. Safari versions prior to 5.1 and 5.0.6 are vulnerable.
Tags: code webkit svg dom memory-corruption object-pointer dimensional-vector

7:19
Webkit Memory Corruption / Code Execution
» ‎ Packet Storm Security Recent Files

Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user. Scalable Vector Graphics (SVG) is an XML based file format used to describe two dimensional vector graphics. It defines both a markup language, and a JavaScript interface. When processing DOM queries to SVG tags, Safari fails to handle exceptional conditions. It is possible to trigger a use after free vulnerability by query some properties of SVG tags. This leaves a C++ object pointer in an inconsistent state, which can lead to the execution of arbitrary code. Safari versions prior to 5.1 and 5.0.6 are vulnerable.
Tags: code webkit svg dom memory-corruption object-pointer dimensional-vector

7:19
Webkit Memory Corruption / Code Execution
» ‎ Packet Storm Security Misc. Files

Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user. Scalable Vector Graphics (SVG) is an XML based file format used to describe two dimensional vector graphics. It defines both a markup language, and a JavaScript interface. When processing DOM queries to SVG tags, Safari fails to handle exceptional conditions. It is possible to trigger a use after free vulnerability by query some properties of SVG tags. This leaves a C++ object pointer in an inconsistent state, which can lead to the execution of arbitrary code. Safari versions prior to 5.1 and 5.0.6 are vulnerable.
Tags: code webkit svg dom memory-corruption object-pointer dimensional-vector

0:00
Vuln: WebKit CVE-2011-0222 Memory Corruption Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0222 Memory Corruption Remote Code Execution Vulnerability
Tags: corruption remote memory memory-corruption code-execution webkit

June 28, 2011
17:39
Apple Safari WebKit Block Dimensions Handling Integer Overflow Vulnerability
» ‎ SecuriTeam

Apple Safari Contains a vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: block integer webkit apple-safari integer-overflow-vulnerability overflow-error
June 26, 2011
15:04
Apple Safari WebKit Scroll Event Handling Use-after-free Vulnerability
» ‎ SecuriTeam

Apple Safari Contains a vulnerability is caused by a use-after-free error in the WebKit library when handling certain scroll events.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: scroll vulnerability webkit apple-safari safer-use
June 20, 2011
14:09
Apple Safari WebKit Range Object Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's WebKit.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability webkit apple-safari code-execution safer-use
June 14, 2011
20:49
WebKit WBR Tag Removal Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability webkit code-execution tag-removal safer-use
June 13, 2011
12:34
Webkit Undefined DOM Prototype Attach Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability webkit apple-safari dom-prototype code-execution safer-use
June 05, 2011
19:54
Webkit CSS Text Element Count Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability webkit text-element code-execution safer-use
May 28, 2011
20:34
Apple Safari WebKit Iframe Event Handling Use-after-free Vulnerability
» ‎ SecuriTeam

Apple Safari Contains a vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: iframe vulnerability webkit apple-safari safer-use
20:29
Apple iPhone Webkit Library Javascript Array sort Method Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's iPhone Webkit library.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code library webkit apple-iphone javascript-array code-execution
May 25, 2011
19:19
Apple Webkit Root HTMLBRElement Style Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit Library.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability root apple-webkit code-execution safer-use webkit
19:19
Apple Safari Webkit Runin Box Promotion Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability webkit apple-safari code-execution safer-use

April 18, 2011
0:00
Vuln: WebKit Style Handling Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Style Handling Memory Corruption Vulnerability
Tags: webkit style handling memory-corruption vulnerability
0:00
Vuln: WebKit WBR Tags Use-After-Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit WBR Tags Use-After-Free Remote Code Execution Vulnerability
Tags: webkit tags wbr code-execution vulnerability
April 15, 2011
0:00
Vuln: WebKit WBR Tags Use-After-Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit WBR Tags Use-After-Free Remote Code Execution Vulnerability
Tags: webkit tags wbr code-execution vulnerability
April 14, 2011
14:00
Bugtraq: ZDI-11-135: (Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

ZDI-11-135: (Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability
Tags: webkit wbr pwn code-execution tag-removal zdi
0:00
Vuln: WebKit Use-After-Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Use-After-Free Remote Code Execution Vulnerability
Tags: free webkit remote code-execution vulnerability
0:00
Vuln: WebKit Style Handling Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Style Handling Memory Corruption Vulnerability
Tags: webkit style handling memory-corruption vulnerability
0:00
Vuln: WebKit WBR Tags Use-After-Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit WBR Tags Use-After-Free Remote Code Execution Vulnerability
Tags: webkit tags wbr code-execution vulnerability
March 18, 2011
0:00
Vuln: WebKit Local Webpage Cross Domain Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Local Webpage Cross Domain Information Disclosure Vulnerability
Tags: webpage webkit local information-disclosure-vulnerability domain-information
March 15, 2011
0:00
Vuln: WebKit Style Handling Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Style Handling Memory Corruption Vulnerability
Tags: webkit style handling memory-corruption vulnerability

March 14, 2011
18:19
Apple Safari WebKit Block Dimensions Handling Integer Overflow
» ‎ Packet Storm Security Advisories

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
Tags: block webkit vulnerability apple-safari web-page-versions vulnerability-research critical-vulnerability

18:19
Apple Safari WebKit Block Dimensions Handling Integer Overflow
» ‎ Packet Storm Security Recent Files

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
Tags: block webkit vulnerability apple-safari web-page-versions vulnerability-research critical-vulnerability

18:19
Apple Safari WebKit Block Dimensions Handling Integer Overflow
» ‎ Packet Storm Security Misc. Files

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
Tags: block webkit vulnerability apple-safari web-page-versions vulnerability-research critical-vulnerability

16:26
Android 2.0 / 2.1 / 2.1.1 WebKit Use-After-Free
» ‎ Packet Storm Security Exploits

Android versions 2.0, 2.1, and 2.1.1 WebKit use-after-free exploit.
Tags: use webkit android exploit

16:26
Android 2.0 / 2.1 / 2.1.1 WebKit Use-After-Free
» ‎ Packet Storm Security Recent Files

Android versions 2.0, 2.1, and 2.1.1 WebKit use-after-free exploit.
Tags: use webkit android exploit

16:26
Android 2.0 / 2.1 / 2.1.1 WebKit Use-After-Free
» ‎ Packet Storm Security Misc. Files

Android versions 2.0, 2.1, and 2.1.1 WebKit use-after-free exploit.
Tags: use webkit android exploit

15:00
[remote exploits] - Android 2.0 ,2.1, 2.1.1 WebKit Use-After-Free Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

[remote exploits] - Android 2.0 ,2.1, 2.1.1 WebKit Use-After-Free Exploit
Tags: webkit exploits android exploit

13:21
Apple Safari WebKit Scroll Event Handling Remote Use-After-Free
» ‎ Packet Storm Security Recent Files

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain scroll events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
Tags: scroll webkit vulnerability apple-safari web-page-versions vulnerability-research critical-vulnerability

13:21
Apple Safari WebKit Scroll Event Handling Remote Use-After-Free
» ‎ Packet Storm Security Misc. Files

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain scroll events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
Tags: scroll webkit vulnerability apple-safari web-page-versions vulnerability-research critical-vulnerability

12:43
Apple Safari WebKit Iframe Event Handling Remote Use-After-Free
» ‎ Packet Storm Security Advisories

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
Tags: iframe webkit vulnerability apple-safari web-page-versions vulnerability-research critical-vulnerability

12:43
Apple Safari WebKit Iframe Event Handling Remote Use-After-Free
» ‎ Packet Storm Security Recent Files

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
Tags: iframe webkit vulnerability apple-safari web-page-versions vulnerability-research critical-vulnerability

12:43
Apple Safari WebKit Iframe Event Handling Remote Use-After-Free
» ‎ Packet Storm Security Misc. Files

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
Tags: iframe webkit vulnerability apple-safari web-page-versions vulnerability-research critical-vulnerability

0:00
Vuln: WebKit 'removeChild()' Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'removeChild()' Remote Code Execution Vulnerability
Tags: webkit remote removechild code-execution vulnerability

March 10, 2011
17:59
Secunia Security Advisory 43688
» ‎ Packet Storm Security Advisories

Secunia Security Advisory - Debian has acknowledged multiple vulnerabilities in webkit, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a user's system.
Tags: advisory secunia security denial-of-service webkit

9:00
Bugtraq: [SECURITY] [DSA 2188-1] webkit security update
» ‎ SecurityFocus Vulnerabilities

[SECURITY] [DSA 2188-1] webkit security update
Tags: security dsa webkit
0:00
Vuln: WebKit CSS Token Sequences Handling Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CSS Token Sequences Handling Denial of Service Vulnerability
Tags: token webkit css service-vulnerability denial-of-service
March 09, 2011
0:00
Vuln: WebKit CVE-2011-0138 Unspecified Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0138 Unspecified Memory Corruption Vulnerability
Tags: webkit unspecified memory memory-corruption vulnerability
0:00
Vuln: WebKit CVE-2011-0134 Unspecified Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0134 Unspecified Memory Corruption Vulnerability
Tags: webkit unspecified memory memory-corruption vulnerability
0:00
Vuln: WebKit CVE-2011-0135 Unspecified Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0135 Unspecified Memory Corruption Vulnerability
Tags: webkit unspecified memory memory-corruption vulnerability
0:00
Vuln: WebKit CVE-2011-0136 Unspecified Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0136 Unspecified Memory Corruption Vulnerability
Tags: webkit unspecified memory memory-corruption vulnerability
March 04, 2011
0:00
Vuln: WebKit CVE-2011-0135 Unspecified Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0135 Unspecified Memory Corruption Vulnerability
Tags: webkit unspecified memory memory-corruption vulnerability
0:00
Vuln: WebKit CVE-2011-0155 Unspecified Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0155 Unspecified Memory Corruption Vulnerability
Tags: webkit unspecified memory memory-corruption vulnerability
0:00
Vuln: WebKit CVE-2011-0150 Unspecified Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0150 Unspecified Memory Corruption Vulnerability
Tags: webkit unspecified memory memory-corruption vulnerability
0:00
Vuln: WebKit CVE-2011-0152 Unspecified Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2011-0152 Unspecified Memory Corruption Vulnerability
Tags: webkit unspecified memory memory-corruption vulnerability

March 03, 2011
7:46
Zero Day Initiative Advisory 11-097
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 11-097 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setOuterText method of the Webkit htmlelement library. Due to a failure to properly track DOM manipulations made within the browser, it is possible to make use of a previously freed pointer and facilitate remote code execution under the context of the user running the browser process.
Tags: day zero initiative apple-webkit dom code-execution webkit zero-day

7:46
Zero Day Initiative Advisory 11-097
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 11-097 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setOuterText method of the Webkit htmlelement library. Due to a failure to properly track DOM manipulations made within the browser, it is possible to make use of a previously freed pointer and facilitate remote code execution under the context of the user running the browser process.
Tags: day zero initiative apple-webkit dom code-execution webkit zero-day

7:46
Zero Day Initiative Advisory 11-097
» ‎ Packet Storm Security Misc. Files

Zero Day Initiative Advisory 11-097 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setOuterText method of the Webkit htmlelement library. Due to a failure to properly track DOM manipulations made within the browser, it is possible to make use of a previously freed pointer and facilitate remote code execution under the context of the user running the browser process.
Tags: day zero initiative apple-webkit dom code-execution webkit zero-day

7:46
Zero Day Initiative Advisory 11-096
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 11-096 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how WebKit processes a range object as defined with the DOM level 2 specification. When processing the contents of a range, WebKit will fail to accommodate for manipulation of the DOM due to an event listener. This can lead to code execution under the context of the application.
Tags: day zero webkit apple-safari dom zero-day

7:46
Zero Day Initiative Advisory 11-096
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 11-096 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how WebKit processes a range object as defined with the DOM level 2 specification. When processing the contents of a range, WebKit will fail to accommodate for manipulation of the DOM due to an event listener. This can lead to code execution under the context of the application.
Tags: day zero webkit apple-safari dom zero-day

7:46
Zero Day Initiative Advisory 11-096
» ‎ Packet Storm Security Misc. Files

Zero Day Initiative Advisory 11-096 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how WebKit processes a range object as defined with the DOM level 2 specification. When processing the contents of a range, WebKit will fail to accommodate for manipulation of the DOM due to an event listener. This can lead to code execution under the context of the application.
Tags: day zero webkit apple-safari dom zero-day

March 02, 2011
7:00
Bugtraq: [ MDVSA-2011:039 ] webkit
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2011:039 ] webkit
Tags: bugtraq mdvsa webkit
0:00
Vuln: WebKit CVE-2010-1386 Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2010-1386 Information Disclosure Vulnerability
Tags: disclosure webkit information information-disclosure-vulnerability
0:00
Vuln: WebKit Right-to-Left Displayed Text Handling Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Right-to-Left Displayed Text Handling Memory Corruption Vulnerability
Tags: left webkit displayed memory-corruption vulnerability
0:00
Vuln: WebKit 'execCommand()' Function Clipboard Overwrite Security Weakness
» ‎ SecurityFocus Vulnerabilities

WebKit 'execCommand()' Function Clipboard Overwrite Security Weakness
Tags: webkit execcommand function security-weakness clipboard
0:00
Vuln: WebKit HTTP Redirects Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit HTTP Redirects Information Disclosure Vulnerability
Tags: webkit http redirects information-disclosure-vulnerability
0:00
Vuln: WebKit ':visited' CSS Pseudo-class Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit ':visited' CSS Pseudo-class Information Disclosure Vulnerability
Tags: information-disclosure-vulnerability webkit
0:00
Vuln: Webkit SVG Out of Bound Array Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Webkit SVG Out of Bound Array Denial of Service Vulnerability
Tags: bound svg webkit service-vulnerability denial-of-service array
0:00
Vuln: WebKit 'Text' Objects Integer Overflow Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'Text' Objects Integer Overflow Remote Code Execution Vulnerability
Tags: webkit objects text integer-overflow code-execution vulnerability
January 25, 2011
0:00
Vuln: WebKit Text Editing Use After Free Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Text Editing Use After Free Memory Corruption Vulnerability
Tags: editing webkit text memory-corruption free-memory vulnerability
0:00
Vuln: WebKit CSS Token Sequences Handling Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CSS Token Sequences Handling Denial of Service Vulnerability
Tags: token webkit css service-vulnerability denial-of-service
0:00
Vuln: Webkit History Feature Address Bar URI Spoofing Vulnerability
» ‎ SecurityFocus Vulnerabilities

Webkit History Feature Address Bar URI Spoofing Vulnerability
Tags: feature history webkit uri-spoofing feature-address history-feature vulnerability
0:00
Vuln: WebKit Large Text Area (CVE-2010-4198) Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Large Text Area (CVE-2010-4198) Denial of Service Vulnerability
Tags: webkit Area text service-vulnerability denial-of-service
January 21, 2011
0:00
Vuln: Webkit SVG Out of Bound Array Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Webkit SVG Out of Bound Array Denial of Service Vulnerability
Tags: bound svg webkit service-vulnerability denial-of-service array
January 07, 2011
0:00
Vuln: WebKit HTML 'Link' DNS Pre-Fetching Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit HTML 'Link' DNS Pre-Fetching Security Bypass Vulnerability
Tags: webkit link html vulnerability
0:00
Vuln: WebKit 'Text' Objects Integer Overflow Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'Text' Objects Integer Overflow Remote Code Execution Vulnerability
Tags: webkit objects text integer-overflow code-execution vulnerability
December 20, 2010
0:00
Vuln: Apple Safari WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Apple Safari WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability
Tags: property webkit alink apple-safari service-vulnerability denial-of-service

November 23, 2010
8:46
Zero Day Initiative Advisory 10-257
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-257 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the wholeText method of the Text element. When calculating the total size of all the text containing it, the application will wrap a 32-bit integer. The application will use this in an allocation and then later use a different value for populating the buffer. This can lead to code execution under the context of the application.
Tags: day zero application apple-webkit text-element zero-day webkit

8:46
Zero Day Initiative Advisory 10-257
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 10-257 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the wholeText method of the Text element. When calculating the total size of all the text containing it, the application will wrap a 32-bit integer. The application will use this in an allocation and then later use a different value for populating the buffer. This can lead to code execution under the context of the application.
Tags: day zero application apple-webkit text-element zero-day webkit

8:46
Zero Day Initiative Advisory 10-257
» ‎ Packet Storm Security Misc. Files

Zero Day Initiative Advisory 10-257 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the wholeText method of the Text element. When calculating the total size of all the text containing it, the application will wrap a 32-bit integer. The application will use this in an allocation and then later use a different value for populating the buffer. This can lead to code execution under the context of the application.
Tags: day zero application apple-webkit text-element zero-day webkit

0:00
Vuln: WebKit 'Text' Objects Integer Overflow Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'Text' Objects Integer Overflow Remote Code Execution Vulnerability
Tags: webkit objects text integer-overflow code-execution vulnerability
November 22, 2010
0:00
Vuln: WebKit Insufficient Entropy Random Number Generator Weakness
» ‎ SecurityFocus Vulnerabilities

WebKit Insufficient Entropy Random Number Generator Weakness
Tags: entropy webkit insufficient random-number-generator
0:00
Vuln: WebKit for Apple iPhone/iPod touch Prior to iOS 4.1 Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit for Apple iPhone/iPod touch Prior to iOS 4.1 Remote Code Execution Vulnerability
Tags: ipod webkit touch apple-iphone code-execution
0:00
Vuln: WebKit 'font-face' and 'use' Elements Use-After-Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'font-face' and 'use' Elements Use-After-Free Remote Code Execution Vulnerability
Tags: free webkit remote code-execution vulnerability
0:00
Vuln: WebKit Keyboard Focus Cross Domain Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Keyboard Focus Cross Domain Information Disclosure Vulnerability
Tags: keyboard webkit focus information-disclosure-vulnerability keyboard-focus domain-information
0:00
Vuln: WebKit User Interface Cross Domain Spoofing Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit User Interface Cross Domain Spoofing Vulnerability
Tags: webkit interface user user-interface vulnerability domain-spoofing
0:00
Vuln: WebKit SVG Image Pattern Cross Domain Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit SVG Image Pattern Cross Domain Security Bypass Vulnerability
Tags: webkit image svg image-pattern vulnerability
0:00
Vuln: WebKit CSS-Styled HTML Handling Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CSS-Styled HTML Handling Remote Code Execution Vulnerability
Tags: webkit html css-styled code-execution vulnerability
November 19, 2010
0:00
Vuln: WebKit for Apple iPhone/iPod touch Prior to iOS 4.1 Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit for Apple iPhone/iPod touch Prior to iOS 4.1 Remote Code Execution Vulnerability
Tags: ipod webkit touch apple-iphone code-execution
November 18, 2010
0:00
Vuln: WebKit MIME Type Handling CVE-2010-3116 Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit MIME Type Handling CVE-2010-3116 Memory Corruption Vulnerability
Tags: mime webkit type memory-corruption mime-type vulnerability
0:00
Vuln: WebKit for Apple iPhone/iPod touch Prior to iOS 4.1 Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit for Apple iPhone/iPod touch Prior to iOS 4.1 Remote Code Execution Vulnerability
Tags: ipod webkit touch apple-iphone code-execution
0:00
Vuln: WebKit Images Cross Domain Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Images Cross Domain Information Disclosure Vulnerability
Tags: cross images webkit information-disclosure-vulnerability domain-information
November 15, 2010
0:00
Vuln: Webkit Floating Point Datatype Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Webkit Floating Point Datatype Remote Code Execution Vulnerability
Tags: point datatype webkit code-execution floating-point vulnerability

November 07, 2010
23:07
Researcher Releases Android Exploit In Webkit Browser Engine
» ‎ Darknet

And Android security hits the news once again, it’s not a vulnerability in the OS per-say but rather in the browser based on the Webkit engine. It does highlight the inherent fragmentation problems with the Android platform and the security concerns that come with running old OS and software versions. It’s a problem that is [...]

Read the full post at darknet.org.uk

Tags: android browser webkit read browser-engine software-versions darknet ExploitsVulnerabilities

November 05, 2010
0:00
Vuln: Webkit Floating Point Datatype Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Webkit Floating Point Datatype Remote Code Execution Vulnerability
Tags: point datatype webkit code-execution floating-point vulnerability

November 01, 2010
12:09
Apple Safari Webkit Run-in Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability webkit apple-safari code-execution safer-use

October 19, 2010
14:00
Bugtraq: [USN-1006-1] WebKit vulnerabilities
» ‎ SecurityFocus Vulnerabilities

[USN-1006-1] WebKit vulnerabilities
Tags: bugtraq vulnerabilities webkit usn
0:00
Vuln: WebKit Cast Operation CVE-2010-3114 Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Cast Operation CVE-2010-3114 Memory Corruption Vulnerability
Tags: webkit memory operation memory-corruption vulnerability
0:00
Vuln: WebKit SVG CVE-2010-3113 Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit SVG CVE-2010-3113 Memory Corruption Vulnerability
Tags: webkit memory svg memory-corruption vulnerability
0:00
Vuln: WebKit MIME Type Handling CVE-2010-3116 Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit MIME Type Handling CVE-2010-3116 Memory Corruption Vulnerability
Tags: mime webkit type memory-corruption mime-type vulnerability
0:00
Vuln: WebKit Hover Event Handling Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Hover Event Handling Remote Code Execution Vulnerability
Tags: hover webkit event code-execution vulnerability
0:00
Vuln: WebKit Integer Truncation TCP Port Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Integer Truncation TCP Port Information Disclosure Vulnerability
Tags: integer webkit truncation information-disclosure-vulnerability
0:00
Vuln: WebKit Custom Vertical Positioning Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Custom Vertical Positioning Remote Code Execution Vulnerability
Tags: custom webkit vertical code-execution vulnerability
0:00
Vuln: WebKit for Apple iPhone/iPod Touch (CVE-2010-1781) Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit for Apple iPhone/iPod Touch (CVE-2010-1781) Remote Code Execution Vulnerability
Tags: touch ipod webkit apple-iphone code-execution
0:00
Vuln: WebKit 'foreignObject' Elements Use-After-Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'foreignObject' Elements Use-After-Free Remote Code Execution Vulnerability
Tags: free webkit foreignobject code-execution vulnerability elements
0:00
Vuln: WebKit CVE-2010-1783 Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2010-1783 Remote Memory Corruption Vulnerability
Tags: webkit remote memory memory-corruption vulnerability
0:00
Vuln: WebKit CVE-2010-3257 Stale Pointer Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CVE-2010-3257 Stale Pointer Denial of Service Vulnerability
Tags: webkit pointer stale service-vulnerability denial-of-service
October 07, 2010
0:00
Vuln: WebKit for Apple iPhone/iPod Touch (CVE-2010-1781) Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit for Apple iPhone/iPod Touch (CVE-2010-1781) Remote Code Execution Vulnerability
Tags: touch ipod webkit apple-iphone code-execution
September 27, 2010
0:00
Vuln: WebKit HTTP Redirects Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit HTTP Redirects Information Disclosure Vulnerability
Tags: webkit http redirects information-disclosure-vulnerability
0:00
Vuln: WebKit Fonts Handling Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Fonts Handling Remote Code Execution Vulnerability
Tags: webkit handling fonts code-execution vulnerability
0:00
Vuln: WebKit Keyboard Focus Cross Domain Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Keyboard Focus Cross Domain Information Disclosure Vulnerability
Tags: keyboard webkit focus information-disclosure-vulnerability keyboard-focus domain-information
September 21, 2010
0:00
Vuln: WebKit Just-In-Time Compiled JavaScript Stubs Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Just-In-Time Compiled JavaScript Stubs Remote Code Execution Vulnerability
Tags: javascript webkit time code-execution stubs vulnerability
0:00
Vuln: WebKit Regular Expression Handling Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Regular Expression Handling Remote Memory Corruption Vulnerability
Tags: webkit expression handling memory-corruption regular-expression vulnerability
0:00
Vuln: WebKit Geolocation Events Use After Free Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Geolocation Events Use After Free Memory Corruption Vulnerability
Tags: geolocation use webkit memory-corruption free-memory
September 15, 2010
0:00
Vuln: WebKit Regular Expression Handling Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Regular Expression Handling Remote Memory Corruption Vulnerability
Tags: webkit expression handling memory-corruption regular-expression vulnerability
0:00
Vuln: WebKit Just-In-Time Compiled JavaScript Stubs Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Just-In-Time Compiled JavaScript Stubs Remote Code Execution Vulnerability
Tags: javascript webkit time code-execution stubs vulnerability
0:00
Vuln: WebKit Geolocation Events Use After Free Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Geolocation Events Use After Free Memory Corruption Vulnerability
Tags: geolocation use webkit memory-corruption free-memory
0:00
Vuln: WebKit 'WebCore::toAlphabetic()' Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'WebCore::toAlphabetic()' Memory Corruption Vulnerability
Tags: webkit webcore memory memory-corruption vulnerability
September 14, 2010
0:00
Vuln: WebKit SVG Animation Elements User After Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit SVG Animation Elements User After Free Remote Code Execution Vulnerability
Tags: elements remote svg code-execution webkit vulnerability
0:00
Vuln: WebKit 'window.open()' method Cross Domain Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'window.open()' method Cross Domain Scripting Vulnerability
Tags: webkit method window vulnerability

September 13, 2010
19:01
ZDI-10-170.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-170 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's support of an element containing the run-in property. When a block box is appended as the sibling of a run-in box, the run-in box will be promoted to the first inline box. This implies that the first inline box will be destroyed. Later when the application attempts to destroy this element, it will access memory that has been freed. If an attacker can substitute an alternate type in the element's place, the attacker will have code execution under the context of the application.
Tags: vulnerability box element apple-safari code-execution webkit

13:01
Bugtraq: ZDI-10-170: Apple Safari Webkit Runin Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

ZDI-10-170: Apple Safari Webkit Runin Remote Code Execution Vulnerability
Tags: runin remote webkit apple-safari code-execution zdi
0:00
Vuln: WebKit Element Run-In Styling Use-After-Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Element Run-In Styling Use-After-Free Remote Code Execution Vulnerability
Tags: styling element webkit code-execution vulnerability

September 11, 2010
13:00
webkit-corrupt.txt
» ‎ Packet Storm Security Exploits

Webkit on Apple Safari versions prior to 4.1.2 and 5.0.2 and Google Chrome versions prior to 5.0.375.125 suffers from a memory corruption vulnerability.
Tags: txt google webkit apple-safari memory-corruption

September 09, 2010
14:00
Web controlled watering can
» ‎ Hack a Day

Here’s a watering can and water vortex that are controlled with a webkit browser interface. The interface displays a drawing of the watering can on your browser. If you grab one of the handles on the circle around the image and move it, the can will rotate as well. Okay, so this isn’t going to [...]
Tags: interface browser watering browser-interface webkit vortex home hacks

September 02, 2010
0:00
Vuln: WebKit 'font-face' and 'use' Elements Use-After-Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'font-face' and 'use' Elements Use-After-Free Remote Code Execution Vulnerability
Tags: free webkit remote code-execution vulnerability
0:00
Vuln: WebKit Regular Expression Handling Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Regular Expression Handling Remote Memory Corruption Vulnerability
Tags: webkit expression handling memory-corruption regular-expression vulnerability
0:00
Vuln: WebKit JavaScript Array Signedness Error Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit JavaScript Array Signedness Error Remote Code Execution Vulnerability
Tags: javascript webkit array javascript-array code-execution vulnerability
0:00
Vuln: WebKit 'use' Element Handling Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'use' Element Handling Remote Memory Corruption Vulnerability
Tags: element webkit use memory-corruption vulnerability

0:00
iTunes Update Plugs WebKit Flaw
» ‎ Packet Storm Security Headlines

iTunes Update Plugs WebKit Flaw
Tags: webkit update plugs

August 17, 2010
0:00
Vuln: WebKit CSS-Styled HTML Handling Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CSS-Styled HTML Handling Remote Code Execution Vulnerability
Tags: webkit html css-styled code-execution vulnerability
0:00
Vuln: WebKit SVG Image Pattern Cross Domain Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit SVG Image Pattern Cross Domain Security Bypass Vulnerability
Tags: webkit image svg image-pattern vulnerability
0:00
Vuln: WebKit 'history.replaceState' Cross-Origin Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'history.replaceState' Cross-Origin Information Disclosure Vulnerability
Tags: replacestate webkit history information-disclosure-vulnerability
0:00
Vuln: WebKit Custom Vertical Positioning Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Custom Vertical Positioning Remote Code Execution Vulnerability
Tags: custom webkit vertical code-execution vulnerability

August 12, 2010
20:00
ZDI-10-153.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-153 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's process for handling floating elements within an SVG document. During layout of the element, the application will mismanage references to the floating element. Later the application will attempt to destroy this reference triggering corruption. Successful exploitation can lead to code execution under the context of the application.
Tags: vulnerability application element apple-safari svg-document webkit
20:00
ZDI-10-154.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-154 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. Authentication is not required to exploit this vulnerability. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's support of the 'first-letter' css style. If a particular container has the first-letter style applied to it, the library will create a dual reference of text associated with the style for rendering. Later upon repainting or style recalculation, the application will access the freed memory which can lead to code execution under the context of the application.
Tags: vulnerability style webkit apple-safari letter-style
0:00
ZDI-10-144.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-144 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's support for generated content. When utilizing generated content on a particular element, the library will insert more than one reference of the generated element element. During page destruction the application will navigate through the reference to discover more elements to destroy. This can lead to code execution under the context of the application.
Tags: vulnerability webkit element apple-safari element-element

0:00
Vuln: WebKit Editable Containers Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Editable Containers Remote Code Execution Vulnerability
Tags: code remote execution code-execution webkit editable
0:00
Vuln: WebKit Resource Load Callback Information Disclosure Weakness
» ‎ SecurityFocus Vulnerabilities

WebKit Resource Load Callback Information Disclosure Weakness
Tags: webkit load resource resource-load information-disclosure
August 09, 2010
14:00
Bugtraq: ZDI-10-146: Apple Webkit Anchor Tag Mouse Click Event Dispatch Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

ZDI-10-146: Apple Webkit Anchor Tag Mouse Click Event Dispatch Remote Code Execution Vulnerability
Tags: mouse tag anchor apple-webkit anchor-tag code-execution webkit
0:00
Vuln: WebKit CSS Counters Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CSS Counters Remote Memory Corruption Vulnerability
Tags: css remote memory memory-corruption webkit vulnerability

August 06, 2010
12:01
ZDI-10-141.txt
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 10-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's layout implementation of an particular tag used for embedding a foreign document into the SVG namespace. Later when the application attempts to calculate layout information for rendering the contents of the tag, the application will attempt to access a linebox that was previously destroyed. Successful exploitation can lead to code execution under the context of the application.
Tags: vulnerability application webkit apple-safari target

12:00
ZDI-10-141.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's layout implementation of an particular tag used for embedding a foreign document into the SVG namespace. Later when the application attempts to calculate layout information for rendering the contents of the tag, the application will attempt to access a linebox that was previously destroyed. Successful exploitation can lead to code execution under the context of the application.
Tags: vulnerability application webkit apple-safari target

July 29, 2010
0:00
Vuln: WebKit 'font-face' and 'use' Elements Use-After-Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'font-face' and 'use' Elements Use-After-Free Remote Code Execution Vulnerability
Tags: free webkit remote code-execution vulnerability
0:00
Vuln: WebKit 'foreignObject' Elements Use-After-Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'foreignObject' Elements Use-After-Free Remote Code Execution Vulnerability
Tags: free webkit foreignobject code-execution vulnerability elements
July 13, 2010
0:00
Vuln: WebKit Resource Load Callback Information Disclosure Weakness
» ‎ SecurityFocus Vulnerabilities

WebKit Resource Load Callback Information Disclosure Weakness
Tags: webkit load resource resource-load information-disclosure

July 05, 2010
0:31
Apple Safari WebKit HTML Button Use-after-free Vulnerability
» ‎ SecuriTeam

A vulnerability was discovered in Apple Safari for Windows, Mac OS X and iPhone.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: webkit vulnerability html mac-os apple-safari apple-safari-for-windows mac-os-x safari-for-windows
July 02, 2010
0:30
Apple Webkit Attribute Child Removal Remote Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute remote code on vulnerable installations of Apple Webkit.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code vulnerability attribute apple-webkit code-execution safer-use webkit
July 01, 2010
16:58
Apple Webkit First-Letter Pseudo-Element Style Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: code first vulnerability apple-webkit code-execution safer-use webkit

June 21, 2010
0:00
Vuln: WebKit Right-to-Left Displayed Text Handling Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Right-to-Left Displayed Text Handling Memory Corruption Vulnerability
Tags: left webkit displayed memory-corruption vulnerability
June 18, 2010
0:00
Vuln: WebKit ':visited' CSS Pseudo-class Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit ':visited' CSS Pseudo-class Information Disclosure Vulnerability
Tags: information-disclosure-vulnerability webkit
0:00
Vuln: WebKit HTTP URI Clipboard Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit HTTP URI Clipboard Information Disclosure Vulnerability
Tags: webkit http information uri-clipboard information-disclosure-vulnerability
June 16, 2010
0:00
Vuln: WebKit 'frame.src' Validation Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'frame.src' Validation Cross Site Scripting Vulnerability
Tags: src webkit frame frame-src cross-site-scripting vulnerability
0:00
Vuln: WebKit DOM Range Objects Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit DOM Range Objects Remote Code Execution Vulnerability
Tags: webkit objects remote dom-range code-execution
June 14, 2010
0:00
Vuln: WebKit SVG Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit SVG Remote Code Execution Vulnerability
Tags: webkit remote svg code-execution vulnerability
June 11, 2010
0:00
Vuln: WebKit ':visited' CSS Pseudo-class Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit ':visited' CSS Pseudo-class Information Disclosure Vulnerability
Tags: information-disclosure-vulnerability webkit
June 10, 2010
0:00
Vuln: WebKit Integer Truncation TCP Port Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Integer Truncation TCP Port Information Disclosure Vulnerability
Tags: integer webkit truncation information-disclosure-vulnerability
0:00
Vuln: WebKit Caption Element Handling Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Caption Element Handling Remote Code Execution Vulnerability
Tags: element webkit caption caption-element code-execution vulnerability
June 09, 2010
0:00
Vuln: WebKit Hover Event Handling Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Hover Event Handling Remote Code Execution Vulnerability
Tags: hover webkit event code-execution vulnerability
0:00
Vuln: WebKit Dragging or Pasting Cross Domain Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Dragging or Pasting Cross Domain Scripting Vulnerability
Tags: cross webkit pasting vulnerability
0:00
Vuln: WebKit Use After Free Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Use After Free Remote Code Execution Vulnerability
Tags: free use webkit code-execution vulnerability
0:00
Vuln: WebKit 'Node.normalize' Method Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit 'Node.normalize' Method Remote Code Execution Vulnerability
Tags: webkit method node code-execution vulnerability
0:00
Vuln: Webkit HTML Document Fragments Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

Webkit HTML Document Fragments Cross Site Scripting Vulnerability
Tags: html document webkit document-fragments vulnerability
0:00
Vuln: WebKit IRC Port Blacklist Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit IRC Port Blacklist Information Disclosure Vulnerability
Tags: webkit port irc information-disclosure-vulnerability

June 08, 2010
18:16
ZDI-10-101.txt
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 10-101 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's support of the run-in display property. On insertion of a specific element with the run-in display property, the application will create a duplicate reference of a child element used to support that attribute. Upon destruction of the parent container, the application will then call the destructor for this child element multiple times. Successful exploitation can lead to code execution under the context of the application.
Tags: vulnerability application element apple-safari parent-container webkit

18:15
ZDI-10-094.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-094 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required in that a user must be coerced into viewing a website. The specific flaw exists within the way the library handles selections. If a particular element is selected by the application, an event can be triggered in order to interrupt execution handling a component of the selection. By modification of the elements contained in the selection by the interruption, an attacker can substitute contents of their own choosing in their place. This type switch can lead to code execution under the context of the application.
Tags: execution application user webkit zero-day arbitrary-code
18:15
ZDI-10-095.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-095 - This vulnerability allows remote attackers to execute arbitrary code on software utilizing a vulnerable version of Apple's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the way that Apple's Webkit handles the DOCUMENT_POSITION_DISCONNECTED attribute when a container is removed. This attribute is responsible for ensuring that a node is disconnected from it's container and is implementation specific regarding the order of each node. If the disconnected element is removed from a particular type of container, the next time the application attempts to reference that container, the application will access memory that has been free which can lead to code execution under the context of the application.
Tags: vulnerability container application vulnerable-version webkit zero-day
18:15
applesafariwebkit-useafterfree.txt
» ‎ Packet Storm Security Advisories

Apple Safari WebKit suffers from a HTML button use-after-free vulnerability.
Tags: txt webkit html apple-safari html-button
18:15
ZDI-10-096.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-096 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the WebKit library handles recursively defined Use elements. Upon expanding the target of the use element within the tree, the application will create a dual-reference of a Use element. Upon page deconstruction the application will destroy the single reference and then attempt to destroy the second one that is currently occupying the recently freed memory. Successful exploitation can lead to code execution under the context of the application.
Tags: use vulnerability application webkit zero-day arbitrary-code
18:15
ZDI-10-097.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-097 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required in that a user must be coerced into visiting a malicious website. The specific flaw exists within the way Webkit inserts an element into an editable container. Immediately before the actual insertion the library will manipulate the contents of the field in order to insert the new node. Upon traversal of the tree by the library, the application will attempt to access an uninitialized element that was created prior to the insertion. Successful exploitation can lead to code execution under the context of the application.
Tags: element webkit user malicious-website zero-day
18:15
ZDI-10-098.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-098 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required in that a user must visit a website or open a malicious document. The specific flaw exists within the way Webkit implements the 'first-letter' css style. If a container with the first-color style has it's contents replaced with a particular element, the library will create a dual reference of the style in order to apply to its contents. Later when the element is freed, the dangling reference will still be applied to the style. Upon navigating the document's styles for either repainting or style recalculation, the application will access the freed memory which can lead to code execution under the context of the application.
Tags: style webkit user recalculation zero-day
18:15
ZDI-10-099.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-099 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with how WebKit inserts error messages into documents utilizing the SVG namespace. Upon a parsing error the library will attempt to access an element before repairing the XML. This will cause the library to access uninitialized memory which can lead to code execution under the context of the application.
Tags: vulnerability error webkit zero-day arbitrary-code
18:15
ZDI-10-100.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-100 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application duplicates event listeners in .svg documents. Upon creating an AnimateTransform object, the library will create a timer to handle the transformation and duplicate the object's event listener into Webkit's shadow tree of the image. Upon destruction of the shadow tree and the original tree, the application will destroy the Element containing the event listener twice. This can lead to code execution under the context of the application.
Tags: event tree application svg-documents webkit zero-day
18:15
ZDI-10-101.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-101 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's support of the run-in display property. On insertion of a specific element with the run-in display property, the application will create a duplicate reference of a child element used to support that attribute. Upon destruction of the parent container, the application will then call the destructor for this child element multiple times. Successful exploitation can lead to code execution under the context of the application.
Tags: vulnerability application element apple-safari parent-container webkit

11:00
Bugtraq: ZDI-10-097: Apple Webkit ContentEditable moveParagraphs Uninitialized Element Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

ZDI-10-097: Apple Webkit ContentEditable moveParagraphs Uninitialized Element Remote Code Execution Vulnerability
Tags: element uninitialized contenteditable apple-webkit code-execution webkit

April 27, 2010
1:00
Webkit (Safari v4.0.5) Stack Exhaustion DoS
» ‎ 1337day (was: Inj3ct0r, 1337db)

Webkit (Safari v4.0.5) Stack Exhaustion DoS
Tags: safari webkit stack exhaustion

April 26, 2010
22:00
webkit-stack.txt
» ‎ Packet Storm Security Recent Files

WebKit versions 532.5 and below stack exhaustion exploit.
Tags: txt webkit exhaustion stack

22:00
webkit-stack.txt
» ‎ Packet Storm Security Exploits

WebKit versions 532.5 and below stack exhaustion exploit.
Tags: txt webkit exhaustion stack

1:00
WebKit Stack Exhaustion
» ‎ 1337day (was: Inj3ct0r, 1337db)

WebKit Stack Exhaustion
Tags: exhaustion webkit stack

March 31, 2010
0:00
Vuln: WebKit Right-to-Left Displayed Text Handling Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Right-to-Left Displayed Text Handling Memory Corruption Vulnerability
Tags: left webkit displayed memory-corruption vulnerability
March 23, 2010
0:00
Vuln: WebKit CSS 'format()' Arguments Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit CSS 'format()' Arguments Memory Corruption Vulnerability
Tags: format webkit css memory-corruption css-format

March 16, 2010
20:12
Apple WebKit CSS Run-in Attribute Rendering Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari and other WebKit based browsers.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: vulnerability css run-in apple-safari apple-webkit safer-use webkit

19:10
ZDI-10-030.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-030 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari and other WebKit based browsers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of the run-in value for display CSS styles. A specially crafted web page can cause a use after free() condition in WebKit's WebCore::RenderBlock() method. This can be further leveraged by attackers to execute arbitrary code under the context of the current user.
Tags: webkit code vulnerability apple-safari webcore
19:09
ZDI-10-031.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-031 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable software utilizing Apple's WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to a failure to unregister a callback pointer during the destruction of a particular type of element when embedded inside a 'blink' container. The application dereferences the original resource which can can be leveraged by an attacker to execute arbitrary code under the context of the current user.
Tags: code vulnerability user library-user webkit zero-day

12:00
Bugtraq: ZDI-10-031: Apple Webkit Blink Event Dangling Pointer Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

ZDI-10-031: Apple Webkit Blink Event Dangling Pointer Remote Code Execution Vulnerability
Tags: dangling-pointer code-execution webkit
March 15, 2010
0:00
Vuln: WebKit Nested HTML Tags Use-After-Free Error Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Nested HTML Tags Use-After-Free Error Remote Code Execution Vulnerability
Tags: webkit nested html code-execution free-error html-tags

March 06, 2010
16:00
WebKit Style Tag Remote Denial of Service Vulnerability
» ‎ 1337day (was: Inj3ct0r, 1337db)

WebKit Style Tag Remote Denial of Service Vulnerability
Tags: webkit style tag service-vulnerability denial-of-service style-tag

March 05, 2010
0:00
Vuln: WebKit Style Tag Remote Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Style Tag Remote Denial of Service Vulnerability
Tags: webkit style tag service-vulnerability denial-of-service style-tag
February 24, 2010
0:00
Vuln: WebKit Style Tag Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Style Tag Remote Memory Corruption Vulnerability
Tags: webkit style tag memory-corruption style-tag vulnerability
February 03, 2010
0:00
Vuln: WebKit Numeric Character References Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Numeric Character References Remote Memory Corruption Vulnerability
Tags: character webkit numeric numeric-character-references memory-corruption
0:00
Vuln: WebKit DOM Event Handler Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit DOM Event Handler Remote Memory Corruption Vulnerability
Tags: handler webkit remote dom-event memory-corruption vulnerability
February 02, 2010
0:00
Vuln: WebKit Multiple Remote Code Execution, Denial of Service, and Information Disclosure Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

WebKit Multiple Remote Code Execution, Denial of Service, and Information Disclosure Vulnerabilities
Tags: multiple webkit remote code-execution information-disclosure denial-of-service
0:00
Vuln: WebKit Resource Load Callback Information Disclosure Weakness
» ‎ SecurityFocus Vulnerabilities

WebKit Resource Load Callback Information Disclosure Weakness
Tags: webkit load resource resource-load information-disclosure
January 27, 2010
0:00
Vuln: WebKit Numeric Character References Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

WebKit Numeric Character References Remote Memory Corruption Vulnerability
Tags: character webkit numeric numeric-character-references memory-corruption

jetlib.sec » Tags » webkit

Feeds

241 items tagged "webkit"

Tags: advisory safari webkit apple-security security-advisory vulnerabilities

Tags: advisory safari webkit apple-security security-advisory vulnerabilities

Tags: memory-corruption webkit security-advisory

Tags: memory-corruption webkit security-advisory

Tags: memory-corruption webkit security-advisory

Tags: multiple webkit unspecified memory-corruption

Tags: format webkit css memory-corruption css-format

Tags: multiple webkit unspecified memory-corruption

Tags: multiple webkit unspecified

Tags: multiple webkit unspecified memory-corruption

Tags: cross domain android domain-issues webkit protocol

Tags: cross domain android domain-issues webkit protocol

Tags: cross domain android domain-issues webkit protocol

Tags: webkit method node code-execution vulnerability

Tags: normalize android webkit proof-of-concept exploit

Tags: normalize android webkit proof-of-concept exploit

Tags: normalize android webkit proof-of-concept exploit

Tags: day bug webkit

Tags: bug android webkit exploits

Tags: code vulnerability execution apple-webkit code-execution safer-use webkit

Tags: code vulnerability webkit apple-safari code-execution safer-use

Tags: code vulnerability webkit apple-safari element-code code-execution

Tags: information-disclosure-vulnerability webkit

Tags: webkit memory svg memory-corruption vulnerability

Tags: webkit memory svg memory-corruption vulnerability

Tags: format webkit css memory-corruption css-format

Tags: bound svg webkit service-vulnerability denial-of-service array

Tags: file creation webkit apple-safari windows-management-instrumentation instrumentation-service creation-vulnerability

Tags: file creation webkit apple-safari windows-management-instrumentation instrumentation-service creation-vulnerability

Tags: file creation webkit apple-safari windows-management-instrumentation instrumentation-service creation-vulnerability

Tags: code-execution webkit vulnerability

Tags: memory-corruption code-execution webkit

Tags: bound svg webkit service-vulnerability denial-of-service array

Tags: corruption remote memory memory-corruption code-execution webkit

Tags: corruption remote memory memory-corruption code-execution webkit

Tags: code remote libxslt code-execution webkit vulnerability

Tags: javascript webkit expression apple-safari buffer-overflow-vulnerability regular-expression

Tags: day zero application apple-safari zero-day webkit

Tags: day zero application apple-safari zero-day webkit

Tags: day zero application apple-safari zero-day webkit

Tags: code remote style code-execution webkit zdi

Tags: day zero vulnerability apple-safari zero-day webkit

Tags: day zero vulnerability apple-safari zero-day webkit

Tags: day zero vulnerability apple-safari zero-day webkit

Tags: marker svg webkit apple-safari code-execution zdi

Tags: code remote webkit code-execution zdi

Tags: day zero element apple-safari zero-day webkit

Tags: day zero element apple-safari zero-day webkit

Tags: day zero element apple-safari zero-day webkit

Tags: corruption remote memory memory-corruption code-execution webkit

Tags: corruption remote memory memory-corruption code-execution webkit

Tags: code vulnerability webkit apple-safari element-code body-element code-execution

Tags: safari memory webkit memory-corruption proof-of-concept

Tags: safari memory webkit memory-corruption proof-of-concept

Tags: safari memory webkit memory-corruption proof-of-concept

Tags: code webkit svg dom memory-corruption object-pointer dimensional-vector

Tags: code webkit svg dom memory-corruption object-pointer dimensional-vector

Tags: code webkit svg dom memory-corruption object-pointer dimensional-vector

Tags: corruption remote memory memory-corruption code-execution webkit

Tags: block integer webkit apple-safari integer-overflow-vulnerability overflow-error

Tags: scroll vulnerability webkit apple-safari safer-use

Tags: code vulnerability webkit apple-safari code-execution safer-use

Tags: code vulnerability webkit code-execution tag-removal safer-use

Tags: code vulnerability webkit apple-safari dom-prototype code-execution safer-use

Tags: code vulnerability webkit text-element code-execution safer-use

Tags: iframe vulnerability webkit apple-safari safer-use

Tags: code library webkit apple-iphone javascript-array code-execution

Tags: code vulnerability root apple-webkit code-execution safer-use webkit

Tags: code vulnerability webkit apple-safari code-execution safer-use

Tags: webkit style handling memory-corruption vulnerability

Tags: webkit tags wbr code-execution vulnerability

Tags: webkit tags wbr code-execution vulnerability

Tags: webkit wbr pwn code-execution tag-removal zdi