ðòïåëôù 


  áòèé÷ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  óôáôøé 


  ðåòóïîáìøîïå 


  ðòïçòáííù 



ðéûéôå
ðéóøíá














     áòèé÷ :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: [SA19763] Safari "rowspan" Attribute Denial of Service Vulnerability



> 
> 
> TITLE:
> Safari "rowspan" Attribute Denial of Service Vulnerability
> 
> SECUNIA ADVISORY ID:
> SA19763
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/19763/
> 
> CRITICAL:
> Not critical
> 
> IMPACT:
> DoS
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> Safari 1.x
> http://secunia.com/product/1543/
> Safari 2.x
> http://secunia.com/product/5289/
> 
> DESCRIPTION:
> Yannick von Arx has discovered a vulnerability in Safari, which can
> be exploited by malicious people to cause a DoS (Denial of Service).
> 
> The vulnerability is caused due to an error in the processing of "td"
> HTML tags with overly large values for the "rowspan" attribute. This
> can be exploited to consume a large amount of CPU and memory
> resources on a vulnerable system by tricking a user into visiting a
> malicious web site.
> 
> Successful exploitation causes a vulnerable system to become
> unresponsive.
> 
> The vulnerability has been confirmed in version 2.0.3 (417.9.2) and
> has also been reported in version 1.3.1 (312.3.1). Other versions may
> also be affected.
> 
> SOLUTION:
> Do not visit untrusted web sites while working with unsaved sensitive
> information.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Yannick von Arx
> 
> ORIGINAL ADVISORY:
> http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/
> 045472.html
> 



 




Copyright © Lexa Software, 1996-2009.