Rule Category

Alert Message

Rule Explanation

This event is generated when an attempt to exploit Apple Safari via CVE-2018-4382 is detected. Impact: Attempted User Privilege Gain Details: A vulnerability exists in Apple Safari Webkit. Specifically the vulnerability exists in the ByteCodeParser::handleIntrinsicCall method. It is possible to craft Javascript in such a way that will cause type confusion to occur. This can lead to a denial of service or potentially allow for remote code execution to occur. Ease of Attack:

What To Look For

Known Usage

No public information

False Positives

No known false positives

Contributors

MITRE ATT&CK Framework

Tactic:

Technique:

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

Additional Links

CVE Additional Information