Vulnerability Spotlight: Remote code execution vulnerability in WebKit WebAudio API

Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. The WebKit browser engine contains a remote code execution vulnerability in its WebAudio API interface. A malicious web page code could trigger a use-after-free error, which could lead to arbitrary code execution. An attacker could exploit this vulnerability by tricking the user into visiting a specially crafted, malicious web page to trigger this vulnerability. In accordance with our coordinated...

[[ This is only the beginning! Please visit the blog for the complete entry ]]