BROWSER-WEBKIT -- Snort has detected traffic known to exploit vulnerabilities present in the Webkit browser engine (aside from Chrome) this includes Appleâ€™s Safari, RIMâ€™s mobile browser, Nokia, KDE, Webkit itself, and Palm. Attacks often insert code via exploits, cause webkit renderings in the browser to crash, or otherwise create chaos or exploit for entrance.
BROWSER-WEBKIT Apple Safari WebKit out-of-bounds read attempt
This event is generated when an attacker attempts to exploit CVE-2019-8689.
Attempted User Privilege Gain
Safari Webkit is vulnerable to an out-of-bounds read in the ArgumentsEliminationPhase::transform function. An attacker who abuses this may be able to access memory they otherwise would not be allowed to access. This exploit may be used in an attempt to compromise a victim machine.
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2019-8689Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
||Ease of Access||MEDIUM