CVE-2018-4192

HIGH

Safari < 11.1.1 - Remote Code Execution via WebKit Race Condition

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-4192. PoCs published by ret2.

AI-analyzed exploit summary This exploit leverages a use-after-free (UAF) vulnerability in JavaScriptCore (WebKit) to achieve arbitrary read/write primitives, ultimately overwriting the JIT page for code execution. It involves spraying structures, corrupting array butterflies, and manipulating JSValue arrays to bypass memory safety.

Description

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a race condition.

Exploits (1)

exploitdb WORKING POC

by ret2 · javascriptlocalmultiple

https://www.exploit-db.com/exploits/45048

View Code ZIP pw:eip

This exploit leverages a use-after-free (UAF) vulnerability in JavaScriptCore (WebKit) to achieve arbitrary read/write primitives, ultimately overwriting the JIT page for code execution. It involves spraying structures, corrupting array butterflies, and manipulating JSValue arrays to bypass memory safety.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Racy

Target: WebKit JavaScriptCore (Safari) < 12.0

No auth needed

Prerequisites: Target must be running a vulnerable version of WebKit JavaScriptCore · Attacker must deliver the exploit via a malicious webpage or script

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →