CVE-2011-3845 in Safariinfo

Summary

Use-after-free vulnerability in Apple Safari 5.1.2, when a plug-in with a blocking function is installed, allows user-assisted remote attackers to execute arbitrary code via a crafted web page that is accessed during user interaction with the plug-in, leading to improper coordination between an API call and the plug-in unloading functionality, as demonstrated by the Adobe Flash and RealPlayer plug-ins.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

09/26/2011

Disclosure

03/07/2012

Moderation

VulDB entry created

Entries

VDB-4722 (1)

CPE

ready

CWE

CWE-399 (Confirmed)

CVSS

6.5

EPSS

0.02402

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-3845
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-3845
CVE Details	https://www.cvedetails.com/cve/CVE-2011-3845/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!