Apple Safari Nested 'object' Tag Remote Denial Of Service Vulnerability
BID:38884
Info
Apple Safari Nested 'object' Tag Remote Denial Of Service Vulnerability
| Bugtraq ID: | 38884 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2010-1131 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 22 2010 12:00AM |
| Updated: | Apr 13 2015 09:02PM |
| Credit: | 3lkt3F0k4 |
| Vulnerable: |
Apple Safari 4.0.5 for Windows |
| Not Vulnerable: | |
Discussion
Apple Safari Nested 'object' Tag Remote Denial Of Service Vulnerability
Apple Safari is prone to a remote denial-of-service vulnerability.
Successful exploits may allow an attacker to crash the affected browser, resulting in a denial-of-service condition. Given the nature of this issue, memory corruption or code execution might be possible, but has not been confirmed.
Safari 4.0.5 for Windows is vulnerable; other versions may also be affected.
Apple Safari is prone to a remote denial-of-service vulnerability.
Successful exploits may allow an attacker to crash the affected browser, resulting in a denial-of-service condition. Given the nature of this issue, memory corruption or code execution might be possible, but has not been confirmed.
Safari 4.0.5 for Windows is vulnerable; other versions may also be affected.
Exploit / POC
Apple Safari Nested 'object' Tag Remote Denial Of Service Vulnerability
The following exploit is available:
The following exploit is available:
Solution / Fix
Apple Safari Nested 'object' Tag Remote Denial Of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Apple Safari Nested 'object' Tag Remote Denial Of Service Vulnerability
References:
References:
- Safari Homepage (Apple)