Apple.Safari.URL.Protocol.Handler.Command.Injection

description-logoDescription

This vulnerability in Safari Beta 3 for Windows occurs due to the lack of proper input validation for the command line arguments passed to the various URL protocol handlers. It is possible to trigger this exploit without user interaction, simply by visiting a webpage.

affected-products-logoAffected Products

Safari Beta 3 for Windows.

Impact logoImpact

System Compromise, remote code execution.

recomended-action-logoRecommended Actions

Currenty we are not aware of any officially released patch or update.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)