WebKit Floating Point Number Remote Buffer Overflow Vulnerability

ID EDB-ID:33164
Type exploitdb
Reporter Apple
Modified 2009-08-11T00:00:00


WebKit Floating Point Number Remote Buffer Overflow Vulnerability. CVE-2009-2195. Remote exploits for multiple platform

                                            source: http://www.securityfocus.com/bid/36023/info

WebKit is prone to a remote buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to Apple Safari 4.0.3 are vulnerable; other applications using WebKit may also be affected. 

Example 1:
var Overflow = "31337" + 0.313373133731337313373133731337...;

Example 2:
<img width=0.3133731337313373133731337... src="31337.jpg">