CVE-2011-0222

Safari < 5.0.6 - Remote Code Execution via WebKit Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2011-0222. PoCs published by Abysssec, Nikita Tarakanov.

AI-analyzed exploit summary This exploit targets a memory corruption vulnerability in WebKit (CVE-2011-0222) to achieve remote code execution via a crafted website. It uses ROP to bypass DEP and is tested on Windows XP SP3 with Safari 5.0.5.

Description

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Exploits (2)

exploitdb WORKING POC
by Abysssec · textremotewindows
https://www.exploit-db.com/exploits/17575

This exploit targets a memory corruption vulnerability in WebKit (CVE-2011-0222) to achieve remote code execution via a crafted website. It uses ROP to bypass DEP and is tested on Windows XP SP3 with Safari 5.0.5.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Apple Safari before 5.0.6
No auth needed
Prerequisites: Victim must visit a crafted website using a vulnerable version of Safari
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by Nikita Tarakanov · textdososx
https://www.exploit-db.com/exploits/17567

This exploit targets a vulnerability in Safari's SVG DOM processing, allowing arbitrary code execution via a crafted SVG file. The PoC is hosted externally and is known to work on unpatched versions of Safari prior to 5.0.6 and 5.1.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Apple Safari prior to 5.0.6, 5.1
No auth needed
Prerequisites: Victim must visit a malicious webpage or open a crafted SVG file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4999
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4808
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4981
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8313
Patch, Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8315

Scores

EPSS 0.2164
EPSS Percentile 97.3%

Details

CWE
CWE-119
Status published
Products (40)
apple/safari 1.0 (3 CPE variants)
apple/safari 1.0.0
apple/safari 1.0.0b1
apple/safari 1.0.0b2
apple/safari 1.0.1
apple/safari 1.0.2
apple/safari 1.0.3 (3 CPE variants)
apple/safari 1.1
apple/safari 1.1.0
apple/safari 1.1.1
... and 30 more
Published Jul 21, 2011
Tracked Since Feb 18, 2026