BROWSER-WEBKIT -- Snort has detected traffic known to exploit vulnerabilities present in the Webkit browser engine (aside from Chrome) this includes Appleâ€™s Safari, RIMâ€™s mobile browser, Nokia, KDE, Webkit itself, and Palm. Attacks often insert code via exploits, cause webkit renderings in the browser to crash, or otherwise create chaos or exploit for entrance.
This rule fires on attempts to exploit a type confusion vulnerability in Safari's WebKit Engine.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2019-8820Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
Tactic: Initial Access
Technique: Drive-by Compromise
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org