| ID |
CVE-2006-6015
|
| Summary |
Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 5.0 (as of 17-10-2018 - 21:46) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| refmap
via4
|
| bid | 21053 | | bugtraq | - 20061114 Apple Safari "match" Buffer Overflow Vulnerability
- 20061114 Re: Apple Safari "match" Buffer Overflow Vulnerability
|
|
| statements
via4
|
| contributor | Joshua Bressers | | lastmodified | 2006-12-04 | | organization | Red Hat | | statement | Red Hat does not consider unexploitable client application crashes to be security flaws. This bug causes a stack recursion crash which is not exploitable. |
|
| Last major update |
17-10-2018 - 21:46 |
| Published |
21-11-2006 - 23:07 |
| Last modified |
17-10-2018 - 21:46 |
