Vulnerabilities > CVE-2004-0361 - Denial Of Service vulnerability in Apple Safari Large JavaScript Array Handling
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into that array.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Exploit-Db
description | Apple Safari 1.x Large JavaScript Array Handling Denial Of Service Vulnerability. CVE-2004-0361. Dos exploit for osx platform |
id | EDB-ID:23793 |
last seen | 2016-02-02 |
modified | 2004-03-06 |
published | 2004-03-06 |
reporter | kang |
source | https://www.exploit-db.com/download/23793/ |
title | Apple Safari 1.x Large JavaScript Array Handling Denial of Service Vulnerability |
Nessus
NASL family | MacOS X Local Security Checks |
NASL id | MACOSX_SECUPD20040907.NASL |
description | The remote host is missing Security Update 2004-09-07. This security update fixes the following components : - CoreFoundation - IPSec - Kerberos - libpcap - lukemftpd - NetworkConfig - OpenLDAP - OpenSSH - PPPDialer - rsync - Safari - tcpdump These applications contain multiple vulnerabilities that may allow a remote attacker to execute arbitrary code. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 14676 |
published | 2004-09-08 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/14676 |
title | Mac OS X Multiple Vulnerabilities (Security Update 2004-09-07) |
code |
|