![]() ![]() After the user visits the malicious web page, no further user interaction is needed. An attacker typically accomplishes this via social engineering or injecting content into compromised, trusted sites. To exploit this vulnerability, a targeted user must load a malicious web page created by an attacker. The freed memory is then treated as a C++ object, which can lead to attacker controlled values being used as function pointers.Įxploitation of this vulnerability results in the execution of arbitrary code with the privileges of the user viewing the web page. However, when an error in the remaining HTML is encountered, these previously freed tag values are referenced. When JavaScript code sets this property, child elements of the tag are freed. The vulnerability occurs when JavaScript code is used to set a certain property of an HTML tag within a web page. Remote exploitation of a memory corruption vulnerability in multiple vendors' WebKit browser engine could allow an attacker to execute arbitrary code with the privileges of the current user. ![]() For more information, see the vendor's site at the following link. It is currently used by the Apple Inc.'s Safari browser, as well as by Google's Chrome browser. ![]() WebKit is an open source web browser engine. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |