|
|
CVE Reference: CVE-2008-2317 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-2317 |
|
|
Description: WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a reference to the ownerNode property of a copied CSSStyleSheet object of a STYLE element, as originally demonstrated on Apple iPhone before 2.0 and iPod touch before 2.0, a different vulnerability than CVE-2008-1590. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/43737 SAID Secunia Advisory: SA31074 MISC http://www.zerodayinitiative.com/advisories/ZDI-08-045/ CONFIRM http://support.apple.com/kb/HT3298 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/494777/100/0/threaded BID 30186 APPLE http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html |
|
| Return to the previous page. |
