Apple Webkit shiftCountWithArrayStorage Out of Bounds Read/Write

Strike ID:
D19-0mex1
CVSS:
8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
1
Year:
2018

Description

This strike exploits a vulnerability in Apple Webkit. It is possible to craft Javascript in such a way that an Out of Bounds Read/Write can occur in shiftCountWithArrayStorage. This can cause memory corruption to occur leading to a denial of service in the browser or potentially lead to remote code execution.

CVE

Google