CVE-2011-1774

Cross Platform Webkit File Dropper

Title source: metasploit

Description

WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. NOTE: this may overlap CVE-2011-1425.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/17993

View Code ZIP pw:eip

metasploit WORKING POC

by Nicolas Gregoire · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/server/webkit_xslt_dropper.rb

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by Nicolas Gregoire · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/safari_xslt_output.rb

View Code ZIP pw:eip

References (7)

[Mailing List] http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html

[Mailing List] http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html

[Patch, Vendor Advisory] http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html

[Third Party Advisory] http://securityreason.com/securityalert/8481

[Vendor Advisory] http://support.apple.com/kb/HT4808

[Vendor Advisory] http://support.apple.com/kb/HT4981

[Vendor Advisory] http://support.apple.com/kb/HT4999

Scores

EPSS 0.7624

EPSS Percentile 98.9%

Details

CWE

CWE-20

Status published

Products (40)

apple/safari 1.0 (3 CPE variants)

apple/safari 1.0.0

apple/safari 1.0.0b1

apple/safari 1.0.0b2

apple/safari 1.0.1

apple/safari 1.0.2

apple/safari 1.0.3 (3 CPE variants)

apple/safari 1.1

apple/safari 1.1.0

apple/safari 1.1.1

... and 30 more

Published Jul 21, 2011

Tracked Since Feb 18, 2026