Описание
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Exploit
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
9.3 Critical
CVSS2
Дефекты
Связанные уязвимости
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
EPSS
9.3 Critical
CVSS2