Here's the page we think you wanted. See search results instead:

Chat Live

Welcome

You are signed as:

My Profile
Logout

Please Confirm

Confirm your country to access relevant pricing, special offers, events, and contact information.

What are you looking for?

I'm looking for support Pro Oscilloscopes Handheld Spectrum Analyzers Compact Signal Generators Find a solution Get technical support Take a class Find us at events Premium used equipment KeysightCare Buy online

No product matches found - System Exception

Apple Safari Webkit AIR Dangling Pointer Register

Strike ID:

E19-0xcj1

CVSS:

8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

False Positive:

Variants:

Year:

2019

Description

This strike exploits a vulnerability in Apple Safari Webkit. Specifically after optimizations are performed on AIR code, a register gets marked as late use and ultimately is determined to be a dead register and discarded. It may be possible for an attacker to construct Javascript in such a way that it is possible to control the data in this dangling register. This can cause a denial of service condition in the browser or potentially allow for remote code execution to occur.

CVE

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8611

Google

https://code.google.com/p/google-security-research/issues/detail?id=1788