Immunity, Inc.
Name wp_apple_safari_webkit_libxslt
CVE CVE-2011-1774
Exploit Pack White_Phosphorus
DescriptionApple Safari Webkit libxslt Arbitrary File Creation
NotesReferences: http://osvdb.org/show/osvdb/74017
CVE Name: CVE-2011-1774
VENDOR: Apple
Notes:
This is a browser based client-side exploit - use it via httpserver.
This exploit requires a .mof be written to the disk to cause remote code execution. The .mof may need to be removed manually from SystemRoot\system32\wbem\mof\good\ upon successful exploitation.

Repeatability: Unlimited
Date public: 2011-07-20
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1774
CVSS: 8.8

Learn more about the CANVAS Exploit Pack here: White_Phosphorus