Intrusion Prevention

Apple.Safari.WebKit.Range.Object.Code.Execution

Description

This indicates an attack attempt against a buffer overflow vulnerability in Apple Safari WebKit.
This issue is caused by an error in the DOM level 2 implementation in WebKit when handling a range object. It may allow remote attackers to execute arbitrary code by sending a crafted web page.

Affected Products

Apple iTunes before 10.2 on Windows and Apple Safari

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor web site for suggested workaround.
http://support.apple.com/kb/HT4554

CVE References

CVE-2011-0115