Blog | G5 Cyber Security

Vulnerability Spotlight: Remote code execution vulnerability in WebKit WebAudio API

Marcin Icewall Noga of Cisco Talos discovered these vulnerabilities. The WebKit browser engine contains a remote code execution vulnerability in its WebAudio API interface. A malicious web page code could trigger a use-after-free error, which could lead to arbitrary code execution. An attacker could exploit this vulnerability by tricking the user into visiting a specially crafted web page to trigger this vulnerability. The following SNORT rules will detect exploitation attempts: 56126 – 56127.”]

Source: https://blog.talosintelligence.com/2021/03/vuln-spotlight-webkit-audio-api.html

Exit mobile version