Apple Safari JavaScript Regular Expression Match Remote Denial of Service Vulnerability
BID:21053
Info
Apple Safari JavaScript Regular Expression Match Remote Denial of Service Vulnerability
| Bugtraq ID: | 21053 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 14 2006 12:00AM |
| Updated: | Nov 15 2006 11:26PM |
| Credit: | [email protected] is credited with the discovery of this issue. |
| Vulnerable: |
Apple Safari 2.0.4 |
| Not Vulnerable: | |
Discussion
Apple Safari JavaScript Regular Expression Match Remote Denial of Service Vulnerability
Apple Safari web browser is prone to a denial-of-service vulnerability when executing certain JavaScript code.
An attacker can exploit this issue to crash an affected browser. Presumably, this issue may also result in remote code execution, but this has not been confirmed.
Apple Safari 2.0.4 is vulnerable to this issue; other versions may also be affected.
Apple Safari web browser is prone to a denial-of-service vulnerability when executing certain JavaScript code.
An attacker can exploit this issue to crash an affected browser. Presumably, this issue may also result in remote code execution, but this has not been confirmed.
Apple Safari 2.0.4 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
Apple Safari JavaScript Regular Expression Match Remote Denial of Service Vulnerability
The following exploit is available:
The following exploit is available:
Solution / Fix
Apple Safari JavaScript Regular Expression Match Remote Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
Apple Safari JavaScript Regular Expression Match Remote Denial of Service Vulnerability
References:
References: