Strike ID:
E19-0x9y1
CVSS:
7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
1
Year:
2019

Description

This strike exploits a vulnerability in Apple Webkit JavaScriptCore. Specifically, the vulnerability exists during JIT compilation in FTL. It occurs when a loop-invariant code motion moves access to an array before a bounds check occurs. When this happens a denial of service condition, or potentially remote code execution, may occur.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}