CVE-2014-1303 Apple Safari 7.0.2 任意代碼執行漏洞

From PwnWiki
Revision as of 11:11, 7 April 2021 by Pwnwiki (talk | contribs) (Created page with "==INFO== Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors,...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

INFO

Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014.


Usage

$ python server.py
$ cd /path/to/webkitgtk2.1.2/
$ ./Programs/GtkLauncher http://localhost


POC

https://github.com/JustYoomoon/Exploit/blob/main/CVE-2014-1303.zip

Retrieved from "https://pwnwiki.com/index.php?title=CVE-2014-1303_Apple_Safari_7.0.2_任意代碼執行漏洞&oldid=1070"