Intrusion Prevention

Apple.Safari.HTML.Image.Element.Handling.Use.After.Free

Description

This indicates an attack attempt against a memory-corruption vulnerability in Apple Safari.
The vulnerability is caused by a use-after-free error when the vulnerable software handles a specially crafted HTML image element. It allows a remote attacker to execute arbitrary code.

Affected Products

Apple Safari 4.0.4 for Windows
Apple Safari 4.0.4
Apple Safari 4.0.3 for Windows
Apple Safari 4.0.3
Apple Safari 4.0.2 for Windows
Apple Safari 4.0.2
Apple Safari 4.0.1
Apple Safari 4 for Windows
Apple Safari 4 Beta
Apple Safari 4

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest versions:
http://www.apple.com/safari/download/

CVE References

CVE-2010-0054