>> Apple Safari for Mac OS X Remote Code Execution Vulnerability
Title : Apple Safari for Mac OS X Remote Code Execution Vulnerability VUPEN ID : VUPEN/ADV-2008-1980 CVE ID : CVE-2008-2307 CWE ID : CWE-19
Rated as : Critical
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2008-07-01
Technical Description
A vulnerability has been identified in Apple Safari for Mac OS X, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. This issue is caused by a memory corruption error in WebKit when handling malformed JavaScript arrays, which could be exploited to crash an affected browser or execute arbitrary code by tricking a user into visiting a specially crafted web page.