Sid 1-50160

Message

BROWSER-WEBKIT Apple Webkit SVGTextLayoutAttributes use-after-free attempt

Summary

This event is generated when a Webkit 'WebCore::SVGTextLayoutAttributes::context' Use-After-Free is detected. This vulnerability may lead to arbitrary code execution if a victim accesses a maliciously crafted webpage.

Impact

Attempted User Privilege Gain

Detailed information

Affected systems

Ease of attack

False positives

False negatives

Corrective action

Contributors

• Cisco Talos Intelligence Group

Additional References

• CVE-2018-4318
• support.apple.com/en-us/HT209141