Описание
WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element with a large number in the ROWSPAN attribute, as demonstrated by a crash of OmniWeb 5.5.3 on Mac OS X 10.4.8, a different vulnerability than CVE-2006-2019.
Ссылки
- ExploitVendor Advisory
- Exploit
- ExploitVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apple:safari:2.0.4_419.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:webkit:build_18794:*:*:*:*:*:*:*
cpe:2.3:a:omnigroup:omniweb:5.5.3:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05222
Низкий
7.5 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-399
CWE-476
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element with a large number in the ROWSPAN attribute, as demonstrated by a crash of OmniWeb 5.5.3 on Mac OS X 10.4.8, a different vulnerability than CVE-2006-2019.
EPSS
Процентиль: 90%
0.05222
Низкий
7.5 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-399
CWE-476