Apple Safari "parent.close()" Code Execution Vulnerability
Last Update Date:
28 Jan 2011
Release Date:
10 May 2010
5309
Views
RISK: Medium Risk
A vulnerability has been identified in Apple Safari, which could be exploited by attackers to compromise a vulnerable system.
The vulnerability is caused due to an error in the handling of parent windows and can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows.
Impact
- Remote Code Execution
System / Technologies affected
- Apple Safari 4.x
Solutions
There is no patch available for this vulnerability currently.
Vulnerability Identifier
- No CVE information is available
Source
Share with