Apple Safari WebKit SVG Memory Corruption
Scalable Vector Graphics (SVG) is a family of specifications of an XML-based file format for describing two-dimensional vector graphics, both static and dynamic. The SVG specification is an open standard that has been under development by the World Wide Web Consortium (W3C) since 1999. SVG is supported by most modern web browsers, including Safari.
A memory corruption vulnerability has been found in the WebKit component of Safari. The vulnerability is due to the corruption of certain pointers in DOM objects relating to SVG elements. An attacker can exploit this vulnerability to inject and execute malicious code in the security context of the logged in user.
SonicWALL UTM team has researched this vulnerability and created the following IPS signatures to capture the attacks in the wild.
- 1149 Apple Safari SVG Object Memory Corruption 1
- 1158 Apple Safari SVG Object Memory Corruption 2
This vulnerability has been referred by CVE as CVE-2011-0222.