Apple Safari JavaScript 'Reload()' DoS Vulnerability - July09 Network Vulnerability

Summary

This host is installed with Apple Safari Web Browser and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will let the attacker execute arbitrary code, and can deny the service in the vitim's system. Impact Level: Application

Solution

Apply the patch from the WebKit development repository. http://trac.webkit.org/changeset/44519

Insight

The flaw is due to a use-after-free error while calling the 'servePendingRequests()' function in WebKit.via a crafted HTML document that references a zero-length '.js' file and the JavaScript reload function.

Affected

Apple Safari version 4.0.2 (4.30.19.1) and prior on Windows.

References

http://marcell-dietl.de/index/adv_safari_4_x_js_reload_dos.php
http://xforce.iss.net/xforce/xfdb/51533

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2419
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apple Safari Malformed URI Remote DoS Vulnerability (Win)
Connect back to SOCKS4 server
avast! AntiVirus Multiple BOF Vulnerabilities (Linux)
Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities
COWON Media Center JetAudio .wav File Denial Of Service Vulnerability

Take action and discover your vulnerabilities