BROWSER-WEBKIT -- Snort has detected traffic known to exploit vulnerabilities present in the Webkit browser engine (aside from Chrome) this includes Apple’s Safari, RIM’s mobile browser, Nokia, KDE, Webkit itself, and Palm. Attacks often insert code via exploits, cause webkit renderings in the browser to crash, or otherwise create chaos or exploit for entrance.
BROWSER-WEBKIT Apple Safari JSValues type confusion attempt
This event is generated when an attempt to exploit a confusion type in Safari for iOS devices has been detected Impact: High Details: Through standard heap manipulation techniques it is possible to control the uninitialized data, at which point it becomes possible to construct the well-known addrof and fakeobj primitives through a type confusion between doubles and JSValues and thus gain memory read/write by constructing a fake TypedArray. Ease of Attack: Simple
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2017-7064 |
Loading description
|