1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Apple Safari User-Assisted Download and Run

Web Attack: Apple Safari User-Assisted Download and Run

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attempts of leveraging a security bypass vulnerability in Apple Safari which could lead to arbitrary code execution.

Additional Information

Apple Safari is a web browser for multiple platforms.

Apple Safari is prone to a security-bypass vulnerability because it fails to sufficiently sanitize user-supplied data submitted through the 'srcdoc' attribute of IFRAME tag.

An attacker can exploit this vulnerability to bypass the cross-site scripting filter. Successful exploits may allow attackers to execute arbitrary script code and steal cookie-based authentication credentials.


  • OS X 10.6.8, Safari 5.x. Other versions may affect as well.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube