Hacker News new | ask | show | jobs
by megalodon 3580 days ago
This write-up by CitizenLab [1] describes the Trident iOS exploit chain. Excerpt:

CVE-2016-4657 [2]: Visiting a maliciously crafted website may lead to arbitrary code execution

CVE-2016-4655 [3]: An application may be able to disclose kernel memory

CVE-2016-4656 [4]: An application may be able to execute arbitrary code with kernel privileges

[1] https://citizenlab.org/2016/08/million-dollar-dissident-ipho...

[2] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-4657

[3] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-4655

[4] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-4656
1 comments
nneonneo 3580 days ago
None of these exploits have anything to do with accessing TCP services using a browser. The only exploit there having anything to do with Safari, CVE-2016-4657, is a WebKit memory corruption (per your [1]: "The stage1 employs a previously undocumented memory corruption vulnerability in WebKit to execute this code within the context of the Safari browser (CVE-2016-4657).").
link
megalodon 3579 days ago
You're right, of course. I realised my mistake after the delete link had disappeared. My bad!
link