Apple Safari Plug-in Unloading Vulnerability

Last Update Date: 8 Mar 2012 12:15 Release Date: 8 Mar 2012 5266 Views

RISK: High Risk

High Risk

TYPE: Clients - Browsers

TYPE: Browsers

A vulnerability has been identified in Apple Safari, which can be exploited by malicious people to compromise a user's system.  The vulnerability is caused due to plug-ins being unloaded when navigating to a new page while the user interacts with the plug-in (e.g. displays the context menu). If the plug-in has called a blocking function (e.g. TrackPopupMenu) before Safari navigates to another page, the API call may block until after Safari unloaded the plug-in, which can lead to the API call returning to freed memory.

 

NOTE: Currently, there is no patch available for this vulnerability.

Impact

  • Remote Code Execution

System / Technologies affected

  • Apple Safari 5.x

Solutions

NOTE: Currently, there is no patch available for this vulnerability.

Vulnerability Identifier

Source

Related Link

Share with

Previous

FreeType Multilpe Vulnerabilities

8 Mar 2012 5208 Views

Next

Joomla! Multiple Vulnerabilities

8 Mar 2012 5298 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY