Lucene search

[email protected]CVE-2007-0342

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2007-0342

2022-10-0316:14:42

CWE-399

[email protected]

web.nvd.nist.gov

cve-2007-0342

webcore

apple webkit

denial of service

null dereference

application crash

td element

rowspan attribute

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.172 Low

EPSS

Percentile

96.1%

JSON

WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element with a large number in the ROWSPAN attribute, as demonstrated by a crash of OmniWeb 5.5.3 on Mac OS X 10.4.8, a different vulnerability than CVE-2006-2019.

Affected configurations

NVD

Node

applesafariMatch2.0.4_419.3

applewebkitMatchbuild_18794

omnigroupomniwebMatch5.5.3

Node

applemac_os_xMatch10.4.8

CPENameOperatorVersion
apple:safariapple safarieq2.0.4_419.3
apple:webkitapple webkiteqbuild_18794
omnigroup:omniwebomnigroup omniwebeq5.5.3

CPE	Name	Operator	Version
apple:safari	apple safari	eq	2.0.4_419.3
apple:webkit	apple webkit	eq	build_18794
omnigroup:omniweb	omnigroup omniweb	eq	5.5.3

References

security-protocols.com/sp-x41-advisory.php

www.securityfocus.com/bid/22059

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.172 Low

EPSS

Percentile

96.1%

JSON

Related for CVE-2007-0342

cvelist3 prion3 securityvulns1 checkpoint_advisories1 nvd3 cve2