WebKit Multiple Unspecified Memory Corruption Vulnerabilities
BID:52365
Info
WebKit Multiple Unspecified Memory Corruption Vulnerabilities
| Bugtraq ID: | 52365 |
| Class: | Unknown |
| CVE: |
CVE-2011-2833 CVE-2011-2867 CVE-2011-2868 CVE-2011-2869 CVE-2011-2870 CVE-2011-2871 CVE-2011-2872 CVE-2011-2873 CVE-2012-0591 CVE-2012-0593 CVE-2012-0594 CVE-2012-0595 CVE-2012-0596 CVE-2012-0597 CVE-2012-0598 CVE-2012-0599 CVE-2012-0600 CVE-2012-0601 CVE-2012-0602 CVE-2012-0603 CVE-2012-0604 CVE-2012-0605 CVE-2012-0606 CVE-2012-0607 CVE-2012-0608 CVE-2012-0609 CVE-2012-0610 CVE-2012-0611 CVE-2012-0612 CVE-2012-0613 CVE-2012-0614 CVE-2012-0615 CVE-2012-0616 CVE-2012-0617 CVE-2012-0618 CVE-2012-0619 CVE-2012-0620 CVE-2012-0621 CVE-2012-0622 CVE-2012-0623 CVE-2012-0624 CVE-2012-0625 CVE-2012-0626 CVE-2012-0627 CVE-2012-0628 CVE-2012-0629 CVE-2012-0630 CVE-2012-0631 CVE-2012-0632 CVE-2012-0633 CVE-2012-0635 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 08 2012 12:00AM |
| Updated: | Apr 18 2012 09:20PM |
| Credit: | Dirk Schulze, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer, Cris Neckar of Google Chrome Security Team using AddressSanitizer, miaubiz, and Martin Barbella, Alexander Gavrun working with TippingPoint's Zero Day |
| Vulnerable: |
WebKit Open Source Project WebKit 1.2.5 WebKit Open Source Project WebKit 1.2.3 WebKit Open Source Project WebKit 1.2.2 WebKit Open Source Project WebKit r82222 WebKit Open Source Project WebKit r77705 WebKit Open Source Project WebKit r52833 WebKit Open Source Project WebKit r52401 WebKit Open Source Project WebKit r51295 WebKit Open Source Project WebKit r38566 WebKit Open Source Project WebKit 1.2.X WebKit Open Source Project WebKit 1.2.2-1 WebKit Open Source Project WebKit 0 Apple Safari 5.0.6 Apple Safari 4.1.2 for Windows Apple Safari 4.0.5 for Windows Apple Safari 4.0.5 Apple Safari 4.0.4 for Windows Apple Safari 4.0.4 Apple Safari 4.0.3 for Windows Apple Safari 4.0.3 Apple Safari 4.0.2 for Windows Apple Safari 4.0.2 Apple Safari 4.0.1 Apple Safari 3.2.3 for Windows Apple Safari 3.2.3 Apple Safari 5.1.1 for Windows Apple Safari 5.1.1 Apple Safari 5.1 for Windows Apple Safari 5.1 Apple Safari 5.0.6 for windows Apple Safari 5.0.5 for Windows Apple Safari 5.0.5 Apple Safari 5.0.4 for Windows Apple Safari 5.0.4 Apple Safari 5.0.3 for Windows Apple Safari 5.0.3 Apple Safari 5.0.2 for Windows Apple Safari 5.0.2 Apple Safari 5.0.1 for Windows Apple Safari 5.0.1 Apple Safari 5.0 for Windows Apple Safari 5.0 Apple Safari 4.1.3 for Windows Apple Safari 4.1.3 Apple Safari 4.1.2 Apple Safari 4.1.1 Apple Safari 4.1 Apple Safari 4.0 Beta Apple Safari 4.0 Apple Safari 4 for Windows Apple Safari 4 Beta Apple Safari 4 Apple iTunes 10.5.1 Apple iTunes 10.5 Apple iTunes 10.2.2 Apple iTunes 10.2 Apple iTunes 10.1 Apple iTunes 10 Apple iPod Touch 0 Apple iPhone 0 Apple iPad 0 Apple iOS 4.2.1 Apple iOS 4.0.2 Apple iOS 4.0.1 Apple iOS 3.2.2 Apple iOS 3.2.1 Apple iOS 5.0.1 Apple iOS 5 Apple iOS 4.3.5 Apple iOS 4.3.4 Apple iOS 4.3.3 Apple iOS 4.3.2 Apple iOS 4.3.1 Apple iOS 4.3 Apple iOS 4.2.9 Apple iOS 4.2.8 Apple iOS 4.2.7 Apple iOS 4.2.6 Apple iOS 4.2.5 Apple iOS 4.2.10 Apple iOS 4.2 beta Apple iOS 4.2 Apple iOS 4.1 Apple iOS 4 Apple iOS 3.2 Apple iOS 3.1 Apple iOS 3.0 Apple iOS 2.1 Apple iOS 2.0 |
| Not Vulnerable: |
Apple Safari 5.1.4 for Windows Apple Safari 5.1.4 Apple iTunes 10.6 Apple iOS 5.1 |
Discussion
WebKit Multiple Unspecified Memory Corruption Vulnerabilities
WebKit is prone to multiple unspecified memory-corruption vulnerabilities.
An attacker can exploit these issues by enticing an unsuspecting user into visiting a malicious webpage with a vulnerable application.
Few technical details are currently available. We will update this BID when more information emerges.
Successful exploits will allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible.
WebKit is prone to multiple unspecified memory-corruption vulnerabilities.
An attacker can exploit these issues by enticing an unsuspecting user into visiting a malicious webpage with a vulnerable application.
Few technical details are currently available. We will update this BID when more information emerges.
Successful exploits will allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible.
Exploit / POC
WebKit Multiple Unspecified Memory Corruption Vulnerabilities
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
NOTE: To exploit these issues through iTunes, an attacker must first execute a successful man-in-the-middle attack.
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
NOTE: To exploit these issues through iTunes, an attacker must first execute a successful man-in-the-middle attack.
Solution / Fix
WebKit Multiple Unspecified Memory Corruption Vulnerabilities
Solution:
Apple has released updates to address these issues for iTunes. Updates for other applications utilizing WebKit are not yet known to be available.
Apple Safari 5.1.1
Apple Safari 5.1.1 for Windows
Apple iTunes 10.5
Apple Safari 5.1
Apple iTunes 10.2.2
Apple iTunes 10.5.1
Solution:
Apple has released updates to address these issues for iTunes. Updates for other applications utilizing WebKit are not yet known to be available.
Apple Safari 5.1.1
-
Apple Safari5.1.4LionManual.dmg
Safari for OS X Lion v10.7.3
http://www.apple.com/safari/download/ -
Apple Safari5.1.4SnowLeopardManual.dmg
Safari for Mac OS X v10.6.8
http://www.apple.com/safari/download/
Apple Safari 5.1.1 for Windows
-
Apple APPLE-SA-2012-03-12-1-Safari_Setup.exe
Safari for Windows 7, Vista or XP from the Microsoft Choice Screen
http://www.apple.com/safari/download/ -
Apple APPLE-SA-2012-03-12-1-SafariSetup.exe
Safari for Windows 7, Vista or XP
http://www.apple.com/safari/download/
Apple iTunes 10.5
-
Apple APPLE-SA-2012-03-07-1-iTunes64Setup.exe
For 64-bit Windows XP / Vista / Windows 7
http://www.apple.com/itunes/download/ -
Apple APPLE-SA-2012-03-07-1-iTunesSetup.exe
For Windows XP / Vista / Windows 7
http://www.apple.com/itunes/download/
Apple Safari 5.1
-
Apple Safari5.1.4LionManual.dmg
Safari for OS X Lion v10.7.3
http://www.apple.com/safari/download/ -
Apple Safari5.1.4SnowLeopardManual.dmg
Safari for Mac OS X v10.6.8
http://www.apple.com/safari/download/
Apple iTunes 10.2.2
-
Apple APPLE-SA-2012-03-07-1-iTunes64Setup.exe
For 64-bit Windows XP / Vista / Windows 7
http://www.apple.com/itunes/download/ -
Apple APPLE-SA-2012-03-07-1-iTunesSetup.exe
For Windows XP / Vista / Windows 7
http://www.apple.com/itunes/download/
Apple iTunes 10.5.1
-
Apple APPLE-SA-2012-03-07-1-iTunes64Setup.exe
For 64-bit Windows XP / Vista / Windows 7
http://www.apple.com/itunes/download/ -
Apple APPLE-SA-2012-03-07-1-iTunesSetup.exe
For Windows XP / Vista / Windows 7
http://www.apple.com/itunes/download/