Intrusion Prevention

Apple.Safari.WebKit.Object.Outline.Memory.Corruption

Description

Safari is a web browser developed by Apple Inc. and included with the Mac OS X and iOS operating systems. First released as a public beta on January 7, 2003[4] on the company's Mac OS X operating system, it became Apple's default browser beginning with Mac OS X v10.3 "Panther". Safari is also the native browser for iOS.
In February 01, 2011, Apple released a Security Update regarding the security content of Safari 5.0.3 and Safari 4.1.3. memory corruption issue exists in WebKit's rendering of HTML object outlines. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management. (CVE-2010-1813)
Visiting a maliciously crafted website may cause an unexpected application termination or arbitrary code execution.

Affected Products

Apple Safari 4.1.2 and previous versions

Impact

Visiting a maliciously crafted website may cause an unexpected application termination or arbitrary code execution

Recommended Actions

As detailed in HT4455, Apple has released updates to address these issues. Please refer to http://support.apple.com/kb/HT4455 for more details.
For FortiGate users, turning on these IPS signatures can prevent exploitation of this vulnerability:
Apple.Safari.Webkit.Object.Outline.Memory.Corruption

CVE References

CVE-2010-1813