OSVDB ID: 43980 Title: Apple Safari WebKit (JavaScriptCore/pcre/pcre_compile.cpp) PCRE Nested Repetition Count Overflow |
Info |
|
|
Dates |
||||
|
|
Description |
A buffer overflow exists in Safari. The WebKit component fails to validate JavaScript regular expressions resulting in a heap overflow. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
Classification |
Location:
Local Access Required,
Remote/Network Access Required
Attack Type: Input Manipulation Impact: Loss of Integrity Solution: Upgrade Exploit: Exploit Rumored / Private Disclosure: Vendor Verified OSVDB: Context Dependent, Web Related |
Solution |
Upgrade to version 3.1.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. |
Products |
|
References |
|
Credit |
|