virus logo Intrusion Prevention

Apple.Safari.WebKit.SVG.Floating.Text.Element.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a code-execution vulnerability in Apple Webkit.
This issue is caused by an error when the vulnerable software handles malformed floating elements within an SVG document. It may allow remote attackers to execute arbitrary code by sending a crafted web page.

affected-products-logoAffected Products

Safari 4 (Mac OS X 10.4)
Safari 5 (Windows)
Safari 5 (Mac OS X 10.6)
Safari 5 (Mac OS X 10.5)

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for the suggested workaround:
http://support.apple.com/kb/HT4276

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-01-11 16.995
2020-10-21 16.947 Name:Apple.
WebKit.
SVG.
Floating.
Text.
Element.
Code.
Execution:Apple.
Safari.
WebKit.
SVG.
Floating.
Text.
Element.
Code.
Execution

References

http://www.zerodayinitiative.com/advisories/ZDI-10-153
ID 24110
Created Sep 02, 2010
Updated Jan 08, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2010-1787
Exploit Prediction Score 14.57%
Default Action drop
Active
Affected OS Windows, MacOS
Affected App Apple