Intrusion PreventionApple.Safari.WebKit.JSPropertyNameEnumerator.Type.Confusion
Description
This indicates an attack attempt to exploit a Memory Corruption vulnerability in WebKit, a component of Apple Safari.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted web page. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute arbitrary code within the context of the application.
Affected Products
WebKit prior to iOS 12.1
WebKit prior to tvOS 12.1
WebKit prior to watchOS 5.1
WebKit prior to Safari 12.0.1
WebKit prior to iTunes 12.9.1
WebKit prior to iCloud for Windows 7
WebKit prior to iCloud for Windows 8
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://support.apple.com/kb/HT209192
https://support.apple.com/kb/HT209194
https://support.apple.com/kb/HT209195
https://support.apple.com/kb/HT209196
https://support.apple.com/kb/HT209197
https://support.apple.com/kb/HT209198
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 49519 |
| Created | Sep 30, 2020 |
| Updated | Nov 27, 2020 |
| Risk |
|
| CVE ID | CVE-2018-4416 |
| Exploit Prediction Score | 90.85% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, MacOS |
| Affected App | Apple |