Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Apple Safari 4.0.4 Denial Of Service

🗓️ 05 Feb 2010 00:00:00Reported by David "Aesthetico" Vieira-KurzType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 43 Views

Apple Safari 4.0.4 Denial of Service vulnerabilit

Code
`[MajorSecurity Advisory #64]Apple Safari 4.0.4 Denial of Service  
  
Details  
============  
Product: Apple Safari Webbrowser  
Security-Risk: low  
Remote-Exploit: yes  
Vendor-URL: http://www.apple.com/safari/  
Vendor-Status: informed  
Advisory-Status: published on 02-02-2010  
  
Credits  
============  
Discovered by: David Vieira-Kurz  
http://www.majorsecurity.info  
  
Affected Products:  
============  
Apple Safari browser 4.0.4 an prior  
  
Original Advisory:  
============  
http://www.majorsecurity.info/index_2.php?adv=major_rls64  
  
Introduction  
============  
The Apple Safari browser is a webbrowser based on the WebKit Engine.  
  
More Details  
============  
A remotely exploitable vulnerability has been found in the JavaScript Engine of the Apple Safari Browser(based on Webkit Engine).  
In detail, the following flaw was determined:  
The Apple Safari browser is prone to a denial of service vulnerability when parsing certain HTML content.  
This is possible due to a failure in handling exceptional conditions. This issue is caused by a memory corruption error when handling javascript elements, which could be exploited by remote attackers to crash the browser by tricking a user into visiting a specially crafted web page.  
This issue can NOT be lead to remote code execution, so that the potential security risk is rated low.  
  
The exploit has been tested on Windows Vista SP2 with Safari 4.0.4 using following useragent:  
Mozilla/5.0 (Windows; U; Windows NT 6.0; de-DE) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10  
  
Proof of Concept:  
============  
<script>  
var overloadtag = "<marquee>";  
for(x=1;x<=9999999999;x++){  
document.write(overloadtag);  
}  
</script>  
  
MajorSecurity  
================  
MajorSecurity is a German penetrationtesting and security research company which focuses  
on web application security. We offer professional penetrationtestings, security audits,  
source code reviews and reliable proof of concepts.  
You will find more Information about MajorSecurity at  
http://www.majorsecurity.info/  
  
Unaltered electronic reproduction of this advisory is permitted. For all other reproduction or publication, in printing or otherwise, contact [email protected] for permission.  
Use of the advisory constitutes acceptance for use in an "as is" condition. All warranties are excluded. In no event shall majorsecurity and David Vieira-Kurz IT Security Services be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if majorsecurity has been advised of the possibility of such damages.Copyright 2010 MajorSecurity and David Vieira-Kurz IT Security Services. All rights reserved. Terms of use apply.   
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
05 Feb 2010 00:00Current
apple safaridenial of servicewebkit engine
43