[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Local Denial of Service in Safari

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Local Denial of Service in Safari
From: azizov@xxxxxxxxxxxx
Date: 16 Jun 2007 19:42:08 -0000

Vulnerability at locally viewing files with the reference to document.location 
parameter leads to failure of a browser. In consequence of that there is a 
service crash. 

Tested on:

Safari 3.0.1 (522.12.2) &#1054;S Windows XP SP2
Safari 3.0   (522.11.3) &#1054;S Windows XP SP2

Example that can be injected in web-page: 

<script type='text/javascript'>
document.location = '';
</script>

Prev by Date: Sitellite cms <= 4.2.12 RFI Vuln
Next by Date: Having Fun With PostgreSQL
Previous by thread: Re: Sitellite cms <= 4.2.12 RFI Vuln
Next by thread: Having Fun With PostgreSQL
Index(es):
- Date
- Thread