############################################
Safari 3.0.1 (552.12.2) for windows corefoundation.dll DoS
Vendor Url:www.apple.com/safari/
Advisore:http://lostmon.blogspot.com/2007/06/
safari-301-552122-for-windows.html
Vendor notify:yes exploit available:yes
###########################################
Safari contains a flaw that may allow a remote denial of service.
The issue is triggered when specially crafted input is processed
by the web browser. The crashes occur due to issues with the
functions to manage the History and all History,and will result
in loss of availability for the application.I donīt know if this
can execute arbitrary code.
#############
versions:
#############
Safari 3.0.1
###########
solution:
###########
Unknow Solution !
##########
timeline:
##########
discovered:14-06.2007
vendor notify:15-06-2007
vendor response:
disclosure:16-06-2007
#####################
details of the crash
#####################
see the screen shoot:
http://www.spymac.com/upload/2007/06/15/iBvYpCnJFW.gif
--
Crash !
AppName: safari.exe AppVer: 3.522.12.2 ModName: corefoundation.dll
ModVer: 1.434.6.0 Offset: 000097cd
#################
Safari Crash Poc
#################
save this file as html document and open it in safari
put some number in the second form and safai crash.
Safari 3.0.1 beta for windows Crash Poc By Lostmon
Safari 3.0.1 beta for windows Crash Poc By Lostmon (Lostmon@Gmail.com )
Put some number in the second form for crash Safari
#################### nd #####################
Thnx to estrella to be my ligth
Thnx to all Lostmonīs Groups
Thnx to all Who belive in me !!
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....