Apple Safari "KHTMLParser::popOneBlock()" Client-Side Memory Corruption Vulnerability
Technical Description



A vulnerability has been identified in Apple Safari, which could beexploited by remote attackers to crash a vulnerable browser or takecomplete control of an affected system. This flaw is due to a memorycorruption error in the "KHTMLParser::popOneBlock()" function whenhandling a script element in a div object redefining the document body,which could be exploited by attackers to cause a denial of service orexecute arbitrary commands by convincing a user to visit a speciallycrafted Web page.



Affected Products



Apple Safari version 2.0.4 (419.3) and prior
더보기

댓글,