BROWSER-WEBKIT Apple Safari WebKit out-of-bounds write attempt
Base Score: 8.8 HIGH
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (V3 legend)
Impact Score: 5.9
Exploitability Score: 2.8
Confidentiality (C): High
Integrity (I): High
Availability (A): High
This exploit manipulates controlled JSC objects in order to perform an out-of-bounds write on the JSC heap in AppleWebKit. This could lead to arbitrary remote code execution or denial of service by a crafted website.
- iOS < v.10.3.2
- Safari < v.10.1.1
- tvOS < v.10.2.1
Ease of attack
Updated to the lastest supported iOS, Safari, and tvOS versions.
- Cisco Talos Intelligence Group