Apple Safari Denial Of Service Vulnerability (Win) - Apr09 Network Vulnerability

Summary

This host is running Apple Safari Web Browser and is prone to denial of service vulnerability.

Impact

Attacker could exploit this vulnerability to cause the browser to crash. Impact Level: Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. For updates refer to http://www.apple.com/support/downloads

Insight

Improper parsing of XML documents while persuading a victim to open a specially-crafted XML document containing an overly large number of nested elements crashes the Browser.

Affected

Apple Safari version 4 beta and prior on Windows.

References

http://xforce.iss.net/xforce/xfdb/49527

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1233

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ciscokits TFTP Server Long Filename Denial Of Service Vulnerability
avast! AntiVirus Multiple BOF Vulnerabilities (Linux)
Comodo Internet Security Denial of Service Vulnerability-03
Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability
CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability

Apple Safari Denial of Service Vulnerability (Win) - Apr09

Take action and discover your vulnerabilities