MAAS History
Archives
« Microsoft Patch Tuesday Addresses Office 2004 Mac | Main | iPhone Application Security > FreeBit ServersMan 3.1.5 DOS Crash Attack »
Friday
Feb052010

Safari 4.0.4 DOS Failure of Exception Handling

DateFriday, February 5, 2010 at 09:13AM

Majorsecurity.info is reporting a DOS vulnerability in Safari 4.0.4 and earlier versions. The vulnerability exist in the WebKit engine making other applications vulnerable. Although not listed in the Major Security Advisory the Mac platform is vulnerable resulting in first a slow script error and then a application crash.

The proof of concept posted demonstrates the flaw by creating a host of marquee tags causing Safari to crash. It has been confirmed that this does affect MacOSX in addition to the Windows Platform. The script cannot lead to remote code execution. 

AuthordrStrangeP0rk | CommentPost a Comment | Reference1 Reference |
in , ,

PrintView Printer Friendly Version

EmailEmail Article to Friend

References (1)

References allow you to track sources for this article, as well as articles that were written in response to this article.

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.
Member Account Required
You must have a member account on this website in order to post comments. Log in to your account to enable posting.