CVE-2011-0222
published 2011-07-21CVE-2011-0222: WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application…
PriorityP355critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
21.64%
97.3th percentile
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
Affected
56 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | safari | <= 5.0.5 | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL
vendor_redhat6.9MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6538-27wv-ch9v: WebKit, as used in Apple Safari before 5
ghsa_unreviewed·2022-05-17
CVE-2011-0222 [HIGH] CWE-119 GHSA-6538-27wv-ch9v: WebKit, as used in Apple Safari before 5
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
OSV
CVE-2011-0222: WebKit, as used in Apple Safari before 5
osv·2011-07-21·CVSS 9.3
CVE-2011-0222 [CRITICAL] CVE-2011-0222: WebKit, as used in Apple Safari before 5
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
Red Hat
kernel: local privilege escalation via /sys/kernel/debug/acpi/custom_method
vendor_redhat·2010-11-13·CVSS 6.9
CVE-2010-4347 [MEDIUM] kernel: local privilege escalation via /sys/kernel/debug/acpi/custom_method
kernel: local privilege escalation via /sys/kernel/debug/acpi/custom_method
The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_method file, which allows local users to gain privileges by placing a custom ACPI method in the ACPI interpreter tables, related to the acpi_debugfs_init function in drivers/acpi/debugfs.c.
Statement: This issue did not affect the version of Linux kernel as shipped with Red Hat
Enterprise Linux 4, 5, and 6 as they did not include upstream commit a1a541d8 and a25ee920 that introduced the problem. This has been addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0330.html.
Notes:
This requires debugfs to be mounted on a local system in order to have access to the custom_method file. Debugf
No detection rules found.
Exploit-DB
Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
exploitdb·2011-07-26·CVSS 9.3
CVE-2011-0222 [CRITICAL] Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
---
Abysssec Public Advisory
apple killed one of our 0day no point to keep it private anymore :(
there is another version of exploit using POPup and thats more
reliable but as you know safari block pop up by default so we found a
cool way to bypass it and stand alone module .
this exploiting using ROP to bypass permanent DEP.
note : Change spray range if not work on your machine.
CVE-2011-0222 :
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers
to execute arbitrary code or cause a denial of service (memory
corruption and application crash)
via a crafted web site a different vulnerability than other WebKit
CVEs listed in APPLE-SA-2011-07-20-1.
Tested on windows XP SP3 and safari 5.0.5
feel free to contac
Exploit-DB
Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
exploitdb·2011-07-25·CVSS 9.3
CVE-2011-0222 [CRITICAL] Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
---
/*
# Exploit Title: CVE-2011-0222 Safari SVG DOM processing PoC
# Date: 2011-07-25
# Author: Nikita Tarakanov (CISS Research Team), Alex Bazhanyuk (CISS Research Team)
# Software Link: http://www.apple.com/au/safari/download/
# Version: prior to 5.0.6, 5.1
# Tested on: Win XP SP3, Win 7 SP1
# CVE : CVE-2011-0222
# Status : Patched
*/
PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/17567.zip (CVE-2011-0222.zip)
No writeups or analysis indexed.
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.htmlhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2011//Jul/msg00002.htmlhttp://securityreason.com/securityalert/8313http://securityreason.com/securityalert/8315http://support.apple.com/kb/HT4808http://support.apple.com/kb/HT4981http://support.apple.com/kb/HT4999http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.htmlhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2011//Jul/msg00002.htmlhttp://securityreason.com/securityalert/8313http://securityreason.com/securityalert/8315http://support.apple.com/kb/HT4808http://support.apple.com/kb/HT4981http://support.apple.com/kb/HT4999
2011-07-21
Published