WebKit Array.Splice Method Remote Code Execution Vulnerability
BID:53148
Info
WebKit Array.Splice Method Remote Code Execution Vulnerability
| Bugtraq ID: | 53148 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2012-0592 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 08 2012 12:00AM |
| Updated: | Mar 08 2012 12:00AM |
| Credit: | Alexander Gavrun |
| Vulnerable: |
WebKit Open Source Project WebKit 1.2.5 WebKit Open Source Project WebKit 1.2.3 WebKit Open Source Project WebKit 1.2.2 WebKit Open Source Project WebKit r82222 WebKit Open Source Project WebKit r77705 WebKit Open Source Project WebKit r52833 WebKit Open Source Project WebKit r52401 WebKit Open Source Project WebKit r51295 WebKit Open Source Project WebKit r38566 WebKit Open Source Project WebKit r105591 WebKit Open Source Project WebKit 2 WebKit Open Source Project WebKit 1.2.X WebKit Open Source Project WebKit 1.2.2-1 WebKit Open Source Project WebKit 0 Apple Safari 5.0.6 Apple Safari 4.1.2 for Windows Apple Safari 4.0.5 for Windows Apple Safari 4.0.5 Apple Safari 4.0.4 for Windows Apple Safari 4.0.4 Apple Safari 4.0.3 for Windows Apple Safari 4.0.3 Apple Safari 4.0.2 for Windows Apple Safari 4.0.2 Apple Safari 4.0.1 Apple Safari 5.1.1 for Windows Apple Safari 5.1.1 Apple Safari 5.1 for Windows Apple Safari 5.1 Apple Safari 5.0.6 for windows Apple Safari 5.0.5 for Windows Apple Safari 5.0.5 Apple Safari 5.0.4 for Windows Apple Safari 5.0.4 Apple Safari 5.0.3 for Windows Apple Safari 5.0.3 Apple Safari 5.0.2 for Windows Apple Safari 5.0.2 Apple Safari 5.0.1 for Windows Apple Safari 5.0.1 Apple Safari 5.0 for Windows Apple Safari 5.0 Apple Safari 4.1.3 for Windows Apple Safari 4.1.3 Apple Safari 4.1.2 Apple Safari 4.1.1 Apple Safari 4.1 Apple Safari 4.0 Beta Apple Safari 4.0 Apple Safari 4 for Windows Apple Safari 4 Beta Apple Safari 4 |
| Not Vulnerable: |
Apple Safari 5.1.4 for Windows Apple Safari 5.1.4 |
Exploit / POC
WebKit Array.Splice Method Remote Code Execution Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
WebKit Array.Splice Method Remote Code Execution Vulnerability
Solution:
Vendor fixes are available. Please see the referenced advisory for details.
Apple Safari 5.1.1 for Windows
Apple Safari 5.1 for Windows
Solution:
Vendor fixes are available. Please see the referenced advisory for details.
Apple Safari 5.1.1 for Windows
-
Apple APPLE-SA-2012-03-12-1-Safari_Setup.exe
Safari for Windows 7, Vista or XP from the Microsoft Choice Screen
http://www.apple.com/safari/download/ -
Apple APPLE-SA-2012-03-12-1-SafariSetup.exe
Safari for Windows 7, Vista or XP
http://www.apple.com/safari/download/
Apple Safari 5.1 for Windows
-
Apple APPLE-SA-2012-03-12-1-Safari_Setup.exe
Safari for Windows 7, Vista or XP from the Microsoft Choice Screen
http://www.apple.com/safari/download/ -
Apple APPLE-SA-2012-03-12-1-SafariSetup.exe
Safari for Windows 7, Vista or XP
http://www.apple.com/safari/download/