CVE-2017-2491

HIGH

iPhone OS < 10.2.1 - Remote Code Execution via JavaScript String.replace Use-After-Free

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-2491. PoCs published by saelo & niklasb.

AI-analyzed exploit summary This exploit leverages a use-after-free vulnerability (CVE-2017-2491) in WebKit's JavaScriptCore to achieve arbitrary memory read/write primitives, ultimately leading to remote code execution via shellcode injection. It employs a large heap spray (~28 GiB) to reliably exploit the vulnerability.

Description

Use after free vulnerability in the String.replace method JavaScriptCore in Apple Safari in iOS before 10.3 allows remote attackers to execute arbitrary code via a crafted web page, or a crafted file.

Exploits (1)

exploitdb WORKING POC VERIFIED
by saelo & niklasb · htmlremotemacos
https://www.exploit-db.com/exploits/41964

This exploit leverages a use-after-free vulnerability (CVE-2017-2491) in WebKit's JavaScriptCore to achieve arbitrary memory read/write primitives, ultimately leading to remote code execution via shellcode injection. It employs a large heap spray (~28 GiB) to reliably exploit the vulnerability.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: WebKit (JavaScriptCore) in Safari and other WebKit-based browsers
No auth needed
Prerequisites: Victim must visit a malicious webpage · Browser must be using a vulnerable version of WebKit
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory x_refsource_confirm
https://support.apple.com/en-us/HT207617
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41964/
Third Party Advisory, VDB Entry x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-17-321
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/98316

Scores

CVSS v3 8.8
EPSS 0.2169
EPSS Percentile 95.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (1)
apple/iphone_os < 10.2.1
Published Jun 27, 2017
Tracked Since Feb 18, 2026