CVE-2011-3845 Information

Description

Use-after-free vulnerability in Apple Safari 5.1.2 when a plug-in with a blocking function is installed allows user-assisted remote attackers to execute arbitrary code via a crafted web page that is accessed during user interaction with the plug-in leading to improper coordination between an API call and the plug-in unloading functionality as demonstrated by the Adobe Flash and RealPlayer plug-ins.

Reference

http://osvdb.org/79849 http://secunia.com/advisories/45758 http://www.securityfocus.com/bid/52325 https://exchange.xforce.ibmcloud.com/vulnerabilities/73713