Safari Memory Corruption

July 31, 2006 @ 6:40 pm · Filed under Tips

The Mac web browser Safari is subject to a rather nasty denial of service vulnerability. There is currently no patch available for this “highly critical” vulnerability.

Description:
A vulnerability has been discovered in Safari, which potentially can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to an error in the “KHTMLParser::popOneBlock()” function. This can be exploited to cause a memory corruption via a script element in a div element redefining the document body.

Successful exploitation may allow execution of arbitrary code.

The vulnerability has been confirmed in version 2.0.4 (419.3). Other versions may also be affected.

In order to avoid the problem for the short term please disable javascript support. Also, you can always load up Firefox.

Link

Leave a Comment

 
 

This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)

You must read and type the 5 chars within 0..9 and A..F, and submit the form.

  

Oh no, I cannot read this. Please, generate a