Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
21 Nov 2024, 01:26
Type | Values Removed | Values Added |
---|---|---|
References | () http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 - | |
References | () http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html - | |
References | () http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html - | |
References | () http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html - | |
References | () http://secunia.com/advisories/44151 - | |
References | () http://secunia.com/advisories/44154 - | |
References | () http://support.apple.com/kb/HT4596 - | |
References | () http://support.apple.com/kb/HT4607 - | |
References | () http://twitter.com/aaronportnoy/statuses/45632544967901187 - | |
References | () http://www.computerworld.com/s/article/9214002/Safari_IE_hacked_first_at_Pwn2Own - | |
References | () http://www.securityfocus.com/archive/1/517505/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/517517/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/46822 - | |
References | () http://www.securitytracker.com/id?1025363 - | |
References | () http://www.vupen.com/english/advisories/2011/0984 - | |
References | () http://www.zdnet.com/blog/security/safarimacbook-first-to-fall-at-pwn2own-2011/8358 - | |
References | () http://www.zerodayinitiative.com/advisories/ZDI-11-135 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/66061 - |
Information
Published : 2011-03-10 20:55
Updated : 2024-11-21 01:26
NVD link : CVE-2011-1344
Mitre link : CVE-2011-1344
CVE.ORG link : CVE-2011-1344
JSON object : View
Products Affected
apple
- iphone
- ipod_touch
- iphone_os
- ipad
- safari
CWE
CWE-399
Resource Management Errors