Summary
This host has the Apple Safari web browser installed and is prone to a denial of service vulnerability.
Impact
Successful exploitation will let the attacker execute arbitrary code and can cause a denial of service on the victim's system.
Impact Level: Application
Solution
Apply the patch from the WebKit development repository.
http://trac.webkit.org/changeset/44519
Insight
The flaw is due to a use-after-free error while calling the 'servePendingRequests()' function in WebKit, triggered via a crafted HTML document that references a zero-length '.js' file and the JavaScript reload function.
Affected
Apple Safari version 4.0.2 (4.30.19.1) and prior on Windows.
References
Severity
Classification
CVE: CVE-2009-2419
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- ClamAV Recursion Level Handling Denial of Service Vulnerability (Windows)
- Apple Safari JavaScript 'Reload()' DoS Vulnerability - July09
- AVG Anti-Virus UPX Processing Denial of Service Vulnerability
- ejabberd 'client2server' Message Remote Denial of Service Vulnerability
- Apache Tomcat Content-Type Header Denial Of Service Vulnerability