{"id":13899,"date":"2016-03-18T09:56:16","date_gmt":"2016-03-18T13:56:16","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=13899"},"modified":"2016-03-18T09:56:16","modified_gmt":"2016-03-18T13:56:16","slug":"safari-root-exploit","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2016\/03\/18\/safari-root-exploit\/","title":{"rendered":"Safari Root Exploit"},"content":{"rendered":"<p><a href=\"http:\/\/blog.trendmicro.com\/pwn2own-day-1-recap\/\">Christopher Budd<\/a> (via <a href=\"http:\/\/www.macrumors.com\/2016\/03\/17\/pwn2own-2016-os-x-safari-exploits\/\">Joe Rossignol<\/a>):<\/p>\n<blockquote cite=\"http:\/\/blog.trendmicro.com\/pwn2own-day-1-recap\/\"><p>JungHoon Lee (lokihardt): Demonstrated a successful code execution attack against Apple Safari to gain root privileges. The attack consisted of four new vulnerabilities: a use-after-free vulnerability in Safari and three additional vulnerabilities, including a heap overflow to escalate to root. This demonstration earned 10 Master of Pwn points and US$60,000.<\/p><\/blockquote>\n<p>Note that Safari&rsquo;s helper processes are sandboxed, but the application itself is not.<\/p>","protected":false},"excerpt":{"rendered":"<p>Christopher Budd (via Joe Rossignol): JungHoon Lee (lokihardt): Demonstrated a successful code execution attack against Apple Safari to gain root privileges. The attack consisted of four new vulnerabilities: a use-after-free vulnerability in Safari and three additional vulnerabilities, including a heap overflow to escalate to root. This demonstration earned 10 Master of Pwn points and US$60,000. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"","apple_news_api_id":"","apple_news_api_modified_at":"","apple_news_api_revision":"","apple_news_api_share_url":"","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[131,30,1199,103,53,48],"class_list":["post-13899","post","type-post","status-publish","format-standard","hentry","category-technology","tag-bug","tag-mac","tag-mac-os-x-10-11","tag-safari","tag-sandboxing","tag-security"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/13899","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=13899"}],"version-history":[{"count":1,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/13899\/revisions"}],"predecessor-version":[{"id":13900,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/13899\/revisions\/13900"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=13899"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=13899"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=13899"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}