Published: 22/12/2005 Updated: 20/07/2017

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 785

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and previous versions, as used by Safari and TextEdit, allows remote malicious users to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple safari 1.1
apple safari 1.2
apple safari 2.0.2
apple textedit
apple safari 1.2.1
apple safari 1.2.2
apple safari 1.0
apple safari 2.0
apple safari 2.0.1
apple safari 1.2.3
apple safari 1.3
apple mac os x 10.1
apple mac os x 10.1.1
apple mac os x 10.2.3
apple mac os x 10.2.4
apple mac os x 10.3.2
apple mac os x 10.3.3
apple mac os x 10.4
apple mac os x 10.4.1
apple mac os x server 10.1.4
apple mac os x server 10.1.5
apple mac os x server 10.2.6
apple mac os x server 10.2.7
apple mac os x server 10.3.5
apple mac os x server 10.3.6
apple mac os x 10.0
apple mac os x 10.1.2
apple mac os x 10.1.3
apple mac os x 10.2.5
apple mac os x 10.2.6
apple mac os x 10.3.4
apple mac os x 10.3.5
apple mac os x 10.4.2
apple mac os x 10.4.3
apple mac os x server 10.0
apple mac os x server 10.2
apple mac os x server 10.2.1
apple mac os x server 10.2.8
apple mac os x server 10.3
apple mac os x server 10.3.7
apple mac os x server 10.3.8
apple mac os x server 10.3.9
apple mac os x 10.0.3
apple mac os x 10.0.4
apple mac os x 10.2.1
apple mac os x 10.2.2
apple mac os x 10.3
apple mac os x 10.3.1
apple mac os x 10.3.8
apple mac os x 10.3.9
apple mac os x server 10.1.2
apple mac os x server 10.1.3
apple mac os x server 10.2.4
apple mac os x server 10.2.5
apple mac os x server 10.3.3
apple mac os x server 10.3.4
apple mac os x server 10.4.2
apple mac os x server 10.4.3
apple mac os x 10.0.1
apple mac os x 10.0.2
apple mac os x 10.1.4
apple mac os x 10.1.5
apple mac os x 10.2
apple mac os x 10.2.7
apple mac os x 10.2.8
apple mac os x 10.3.6
apple mac os x 10.3.7
apple mac os x server 10.1
apple mac os x server 10.1.1
apple mac os x server 10.2.2
apple mac os x server 10.2.3
apple mac os x server 10.3.1
apple mac os x server 10.3.2
apple mac os x server 10.4
apple mac os x server 10.4.1

source: wwwsecurityfocuscom/bid/16045/info Apple Mac OS X KHTMLParser is affected by a remote denial of service vulnerability Successful exploitation may cause an application employing KHTMLParser to crash KHTMLParser is used by Apple Safari Web browser and Apple TextEdit word processor Mac OS X 1043 and prior, TextEdit, and Safari ...

NVD-CWE-Other http://www.securityfocus.com/bid/16045 http://secunia.com/advisories/18220 http://security-protocols.com/advisory/sp-x22-advisory.txt http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://www.kb.cert.org/vuls/id/351217 http://www.securityfocus.com/bid/16907 http://secunia.com/advisories/19064 http://docs.info.apple.com/jarticle.html?artnum=303382-en http://docs.info.apple.com/article.html?artnum=303382 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com/english/advisories/2005/3058 http://www.vupen.com/english/advisories/2006/0791 https://exchange.xforce.ibmcloud.com/vulnerabilities/23819 https://nvd.nist.gov https://www.exploit-db.com/exploits/26971/https://www.kb.cert.org/vuls/id/351217

CVE-2005-4504

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect