Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3845

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2011-3845
Last Modified 08 Mar 2012 12:00:00
Published 07 Mar 2012 11:15:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2011-3845

Summary

Use-after-free vulnerability in Apple Safari 5.1.2, when a plug-in with a blocking function is installed, allows user-assisted remote attackers to execute arbitrary code via a crafted web page that is accessed during user interaction with the plug-in, leading to improper coordination between an API call and the plug-in unloading functionality, as demonstrated by the Adobe Flash and RealPlayer plug-ins.

Vulnerable Systems

Application

  • Apple Safari 5.1.2


References

SECUNIA - 45758


Last Updated: 27 May 2016 10:58:20