CVE-2007-4812

EPSS 3.0%

Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might actually occur in the alert method.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/30767unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html http://osvdb.org/43971 http://securityreason.com/securityalert/3111 http://www.securityfocus.com/archive/1/478802/100/0/threaded http://www.securityfocus.com/bid/26448