BROWSER-WEBKIT -- Snort has detected traffic known to exploit vulnerabilities present in the Webkit browser engine (aside from Chrome) this includes Apple’s Safari, RIM’s mobile browser, Nokia, KDE, Webkit itself, and Palm. Attacks often insert code via exploits, cause webkit renderings in the browser to crash, or otherwise create chaos or exploit for entrance.
BROWSER-WEBKIT Apple Safari Webkit WebCore memory corruption attempt
This event is generated when an attacker attempts to exploit a use after free vulnerability in Apple Safari WebKit WebCore. Impact: Attempted User Privilege Gain Details: An attacker who abuses this vulnerability may be able to execute remote code on a victim machine, leading to potential compromise of your internal network. Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2018-4200An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers a WebCore::jsElementScrollHeightGetter use-after-free. |
|
|||||||||||||||||||||||||||||||
©2023 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
