|
|
CVE Reference: CVE-2007-3944 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3944 |
|
|
Description: Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate CVE identifier. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/35577 ST 1018439 SAID Secunia Advisory: SA26287 MISC http://www.securityevaluators.com/iphone/ http://www.securityevaluators.com/iphone/exploitingiphone.pdf http://www.nytimes.com/2007/07/23/technology/23iphone.html?_r=1&adxnnl=1&adxnnlx=1185163364-1OTsRJvbylLamj17FY2wnw&oref=slogin CONFIRM http://docs.info.apple.com/article.html?artnum=306173 http://docs.info.apple.com/article.html?artnum=306174 BID 25002 |
|
| Return to the previous page. |
