Apple Safari KHTMLParser::popOneBlock Code Execution

Network Security News – Wednesday, August 02, 2006 Events

Apple Safari KHTMLParser::popOneBlock Code Execution

Safari contains a flaw that may allow a malicious user to execute arbitrary code. The issue is caused due to an error in the 'KHTMLParser::popOneBlock()' function that can be exploited to cause a memory corruption via a script element in a div element redefining the document body. It is possible that the flaw may allow remote arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/27534