Apple WebKit WebCore Remote Denial of Service Vulnerability
BID:22059
Info
Apple WebKit WebCore Remote Denial of Service Vulnerability
| Bugtraq ID: | 22059 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 15 2007 12:00AM |
| Updated: | Jan 16 2007 06:00PM |
| Credit: | Tom Ferris is credited with the discovery of this issue. |
| Vulnerable: |
Omni Group OmniWeb 5.5.3 Apple WebKit build 18794 Apple Safari 2.0.4 Apple Mac OS X Server 10.4.8 Apple Mac OS X 10.4.8 |
| Not Vulnerable: | |
Discussion
Apple WebKit WebCore Remote Denial of Service Vulnerability
Apple WebKit is prone to a denial-of-service vulnerability.
Attackers may exploit this issue by enticing victims into opening a malicious HTML document with an application using the affected framework.
Successful exploits will result in denial-of-service conditions.
Applications using WebKit build 18794 are vulnerable to this issue.
Apple WebKit is prone to a denial-of-service vulnerability.
Attackers may exploit this issue by enticing victims into opening a malicious HTML document with an application using the affected framework.
Successful exploits will result in denial-of-service conditions.
Applications using WebKit build 18794 are vulnerable to this issue.
Exploit / POC
Apple WebKit WebCore Remote Denial of Service Vulnerability
An attacker can exploit this issue by enticing an unsuspecting vicitim to view a malicious HTML document with an application using the affected framework.
The following exploit is available:
An attacker can exploit this issue by enticing an unsuspecting vicitim to view a malicious HTML document with an application using the affected framework.
The following exploit is available:
Solution / Fix
Apple WebKit WebCore Remote Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
Apple WebKit WebCore Remote Denial of Service Vulnerability
References:
References:
- Safari Homepage (Apple)
- The WebKit Open Source Project (Webkit)
- Vendor Home Page (Apple)
- WebCore Home Page (Apple)
- OmniWeb Homepage (Omnigroup)