CVE-2018-4312

HIGH EXPLOITED

Safari < 12 - Use-After-Free

Title source: llm

Exploitation Summary

CVE-2018-4312 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Google Security Research.

AI-analyzed exploit summary This PoC exploits a use-after-free vulnerability in WebKit (CVE-2018-4312) by manipulating DOM elements and triggering accessibility features. The provided JavaScript and HTML code demonstrates the vulnerability, leading to a heap-use-after-free condition as shown in the ASan log.

Description

A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · htmldosmultiple

https://www.exploit-db.com/exploits/45481

View Code ZIP pw:eip

This PoC exploits a use-after-free vulnerability in WebKit (CVE-2018-4312) by manipulating DOM elements and triggering accessibility features. The provided JavaScript and HTML code demonstrates the vulnerability, leading to a heap-use-after-free condition as shown in the ASan log.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WebKit (revision 233006, Safari on macOS, WebKitGTK+)

No auth needed

Prerequisites: Accessibility features enabled (automatically enabled by opening the inspector in Safari or enabled by default in WebKitGTK+) · Victim interaction (loading the malicious HTML)

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →