Apple Safari for Windows Corefoundation.DLL Denial of Service Vulnerability
TITLE: Apple Safari for Windows Corefoundation.DLL Denial of Service Vulnerability
CLASS: Input Validation Error
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 16 2007 12:00AM
UPDATE: Jun 18 2007 04:59PM
CREDIT: Lostmon is credited with discovering this vulnerability.
VULNERABLE:
Apple Safari 3.0.1 Beta for Windows
NOT VULNERABLE:
Vai alla pagina originale su Security Focus
Discussion
Apple Safari for Windows is prone to a denial-of-service vulnerability because it fails to properly handle user-supplied input.
An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document.
Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions. Attackers may also be able to execute arbitrary code, but Symantec had not confirmed this.
Safari 3.0.1 public beta for Windows is reported vulnerable.
Exploit
An attacker may exploit this issue by enticing victims into viewing a maliciously crafted webpage.
The following proof of concept is available:
Solution
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.
References
References:
Keywords for this page:
corefoundation dll (from google) first seen: 2007-07-03 04:43:24 hit: 47
t (from google) first seen: 2007-07-20 16:11:51 hit: 8
safari windows corefoundation (from google) first seen: 2007-11-14 12:10:44
corefoundation dll for safari windows (from google) first seen: 2007-12-28 08:51:29
safari corefoundation dll crash (from google) first seen: 2008-01-01 12:24:57
corefoundation dll crash safari (from google) first seen: 2008-01-16 13:45:06
corefoundation dll safari (from google) first seen: 2008-01-22 11:52:47
corefoundation dll for windows (from google) first seen: 2008-01-31 21:54:57
safari crash corefoundation dll (from google) first seen: 2008-02-06 19:30:16
corefoundation dll not found (from google) first seen: 2008-03-22 19:25:13 hit: 2
safari corefoundation dll not found (from google) first seen: 2008-03-27 09:20:58
safari error corefoundation dll (from google) first seen: 2008-03-30 16:05:48
safari corefoundation dll error (from google) first seen: 2008-07-01 06:39:17 hit: 2
error corefoundation dll (from google) first seen: 2008-07-24 13:29:28
corefoundation dll (from google) first seen: 2008-07-28 21:35:13
safari corefoundation dll (from google) first seen: 2008-08-24 19:03:12
corefoundation dll was not found (from google) first seen: 2008-08-31 03:16:23
corefoundation dll safari windows (from google) first seen: 2008-09-23 16:00:59
safari corefoundation (from google) first seen: 2008-10-24 17:44:47
error corefoundation dll not found (from google) first seen: 2008-11-11 04:01:58
corefoundation (from google) first seen: 2008-11-15 05:33:12
GoogleBot visited this page on: 2008-11-19 10:10:53