[webkit-dev] Regarding CVE-2014-1303

My shin jopoxs at gmail.com
Mon Mar 7 07:58:18 PST 2016


I'm looking forward to get any comment about CVE-2014-1303.


On Fri, Mar 4, 2016 at 7:54 PM, My shin <jopoxs at gmail.com> wrote:

> Hello,
> Is there someone who knows well how to solve CVE-2014-1303 in WebKit?
> What is CVE-2014-1303?
> Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers
> to execute arbitrary code and bypass a sandbox protection mechanism via
> unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own
> competition at CanSecWest 2014.
> I'd like to find the patch against of it.
> I couldn't access the some Bugzilla's id so it would be better to get git
> hash.
> Regards,
> Jopoxs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-dev/attachments/20160308/a28d8a10/attachment.html>

More information about the webkit-dev mailing list