Skip to main content

Apple Safari "parent.close()" Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 10 May 2010 5309 Views

RISK: Medium Risk

A vulnerability has been identified in Apple Safari, which could be exploited by attackers to compromise a vulnerable system.

The vulnerability is caused due to an error in the handling of parent windows and can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows.


Impact

  • Remote Code Execution

System / Technologies affected

  • Apple Safari 4.x

Solutions

There is no patch available for this vulnerability currently.


Vulnerability Identifier

  • No CVE information is available

Source