CVE-2011-3845

Sažetak

Use-after-free vulnerability in Apple Safari 5.1.2, when a plug-in with a blocking function is installed, allows user-assisted remote attackers to execute arbitrary code via a crafted web page that is accessed during user interaction with the plug-in, leading to improper coordination between an API call and the plug-in unloading functionality, as demonstrated by the Adobe Flash and RealPlayer plug-ins.

Reference

http://osvdb.org/79849
http://secunia.com/advisories/45758
http://www.securityfocus.com/bid/52325
https://exchange.xforce.ibmcloud.com/vulnerabilities/73713

CVSS

Base:	7.6
Impact:	10.0
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:H/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

05-01-2018 - 02:29

Objavljeno

08-03-2012 - 04:15