WebKit 'font-face' Element Use-After-Free Remote Code Execution Vulnerability
BID:51035
Info
| Bugtraq ID: | 51035 |
| Class: | Unknown |
| CVE: | CVE-2011-3443 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 16 2011 12:00AM |
| Updated: | Nov 16 2011 12:00AM |
| Credit: | anonymous via iDefense |
| Vulnerable: |
WebKit Open Source Project WebKit 0
Apple Safari 4.1.2 for Windows
Apple Safari 4.0.5 for Windows
Apple Safari 4.0.5
Apple Safari 4.0.4 for Windows
Apple Safari 4.0.4
Apple Safari 4.0.3 for Windows
Apple Safari 4.0.3
Apple Safari 4.0.2 for Windows
Apple Safari 4.0.2
Apple Safari 4.0.1
Apple Safari 5.0.5 for Windows
Apple Safari 5.0.5
Apple Safari 5.0.4 for Windows
Apple Safari 5.0.4
Apple Safari 5.0.3 for Windows
Apple Safari 5.0.3
Apple Safari 5.0.2 for Windows
Apple Safari 5.0.2
Apple Safari 5.0.1 for Windows
Apple Safari 5.0.1
Apple Safari 5.0 for Windows
Apple Safari 5.0
Apple Safari 4.1.3 for Windows
Apple Safari 4.1.3
Apple Safari 4.1.2
Apple Safari 4.1.1
Apple Safari 4.1
Apple Safari 4.0 Beta
Apple Safari 4.0
Apple Safari 4 for Windows
Apple Safari 4 Beta
Apple Safari 4 |
| Not Vulnerable: |
Apple Safari 5.0.6
Apple Safari 5.1 for Windows
Apple Safari 5.1
Apple Safari 5.0.6 for Windows |
Discussion
WebKit is prone to a remote code-execution vulnerability.
An attacker can exploit this issue by tricking an unsuspecting victim into viewing a web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the user running the affected application.
Exploit / POC
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Updates are available. Please see the references for more information.
References
References:
- Apple Safari font-face Use-After-Free Vulnerability (iDefense)
- Apple Safari Homepage (Apple)
- WebKit Homepage (WebKit)
- About the security content of Safari 5.1 and Safari 5.0.6 (Apple)