Apple.Safari.URL.Protocol.Handler.Command.Injection
Description
This vulnerability in Safari Beta 3 for Windows occurs due to the lack of proper input validation for the command line arguments passed to the various URL protocol handlers. It is possible to trigger this exploit without user interaction, simply by visiting a webpage.
Affected Products
Safari Beta 3 for Windows.
Impact
System Compromise, remote code execution.
Recommended Actions
Currenty we are not aware of any officially released patch or update.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |