Apple WebKit : SVG First-Letter Style Remote Code Execution Vulnerability

Users of Apple WebKit please be advised of a SVG First-Letter Style Remote Code Execution Vulnerability that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com

Style

ZDI-10-142: ZDI-10-142: Apple Webkit SVG First-Letter Style Remote Code Execution Vulnerability

Apple WebKit

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. Read more at www.criticalwatch.com

 

See this Amp at http://bit.ly/bExezu