<div dir="ltr"><div><div>Hello, <br><br></div>I'm looking forward to get any comment about CVE-2014-1303.<div><br></div>Regards,<br></div>Jopoxs<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Mar 4, 2016 at 7:54 PM, My shin <span dir="ltr"><<a href="mailto:jopoxs@gmail.com" target="_blank">jopoxs@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello,<div><br></div><div>Is there someone who knows well how to solve CVE-2014-1303 in WebKit?</div><div><br></div><div>What is CVE-2014-1303?</div><div><span style="color:rgb(0,0,0);font-family:Verdana,Helvetica,sans-serif;font-size:12.96px">Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014.</span><br></div><div><br></div><div><br></div><div>I'd like to find the patch against of it.</div><div>I couldn't access the some Bugzilla's id so it would be better to get git hash.</div><div><br></div><div><br></div><div>Regards,</div><div>Jopoxs</div><div><br></div></div>
</blockquote></div><br></div>