ID |
CVE-2006-6015
|
Summary |
Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 5.0 (as of 17-10-2018 - 21:46) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
refmap
via4
|
bid | 21053 | bugtraq | - 20061114 Apple Safari "match" Buffer Overflow Vulnerability
- 20061114 Re: Apple Safari "match" Buffer Overflow Vulnerability
|
|
statements
via4
|
contributor | Joshua Bressers | lastmodified | 2006-12-04 | organization | Red Hat | statement | Red Hat does not consider unexploitable client application crashes to be security flaws. This bug causes a stack recursion crash which is not exploitable. |
|
Last major update |
17-10-2018 - 21:46 |
Published |
21-11-2006 - 23:07 |
Last modified |
17-10-2018 - 21:46 |