Rule Category

BROWSER-WEBKIT -- Snort has detected traffic known to exploit vulnerabilities present in the Webkit browser engine (aside from Chrome) this includes Apple’s Safari, RIM’s mobile browser, Nokia, KDE, Webkit itself, and Palm. Attacks often insert code via exploits, cause webkit renderings in the browser to crash, or otherwise create chaos or exploit for entrance.

Alert Message

BROWSER-WEBKIT Apple Safari WebKit handleIntrinsicCall type confusion attempt

Rule Explanation

This event is generated when an attempt to exploit Apple Safari via CVE-2018-4382 is detected. Impact: Attempted User Privilege Gain Details: A vulnerability exists in Apple Safari Webkit. Specifically the vulnerability exists in the ByteCodeParser::handleIntrinsicCall method. It is possible to craft Javascript in such a way that will cause type confusion to occur. This can lead to a denial of service or potentially allow for remote code execution to occur. Ease of Attack:

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives


Cisco Talos Intelligence Group

Rule Groups

No rule groups


Additional Links

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
Loading description