CVE-2009-3272

Published: 21/09/2009 Updated: 19/09/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safari 3.2.3, and possibly other versions prior to 4.1.2, allows remote malicious users to cause a denial of service (application crash) via JavaScript code that calls eval on a long string composed of A/ sequences.

Vulnerable Product

apple safari 4.0.3

apple safari 4.0

apple safari 3.2.3

apple safari 4.0.0b

apple safari 4.0.2

Vendor Advisories

Debian Bug report logs - #559759
webkit: multiple security issues
Package: webkit; Maintainer for webkit is (unknown)
Reported by: Michael Gilbert <michaelsgilbert@gmail.com>
Date: Sun, 6 Dec 2009 22:36:01 UTC
Severity: serious
Tags: security
Found in version 101-4
Done: Michael Gilbert <michaelsgilbert@gmail ...

Exploits

#!/usr/bin/perl
# letsgosurfinnowonsafari.pl
# AKA
# Safari 3.2.3 (Win32) JavaScript 'eval' Remote Denial of Service Exploit
#
# Jeremy Brown [0xjbrown41@gmail.com//jbrownsec.blogspot.com//krakowlabs.com] 09072009
#
# *********************************************************************************************************
# Safari crashes when in ...