var-200611-0426
Vulnerability from variot
Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression. Apple Safari web browser is prone to a denial-of-service vulnerability when executing certain JavaScript code. An attacker can exploit this issue to crash an affected browser. Presumably, this issue may also result in remote code execution, but this has not been confirmed. Apple Safari 2.0.4 is vulnerable to this issue; other versions may also be affected. There is a vulnerability in Apple Safari's processing of very long regular expression matching strings. Remote attackers may use this vulnerability to execute arbitrary commands on the user's machine. If a Safari user is tricked into visiting a site that contains malicious JavaScript, a vulnerability in regular expression processing could be triggered, causing the browser to crash or execute arbitrary commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200611-0426",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "eq",
"trust": 2.4,
"vendor": "apple",
"version": "10.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.4"
}
],
"sources": [
{
"db": "BID",
"id": "21053"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001580"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-323"
},
{
"db": "NVD",
"id": "CVE-2006-6015"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001580"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "jbh_cg jbh_cg@yahoo.fr",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-323"
}
],
"trust": 0.6
},
"cve": "CVE-2006-6015",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-6015",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-22123",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-6015",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2006-6015",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200611-323",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-22123",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2006-6015",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-22123"
},
{
"db": "VULMON",
"id": "CVE-2006-6015"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001580"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-323"
},
{
"db": "NVD",
"id": "CVE-2006-6015"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression. Apple Safari web browser is prone to a denial-of-service vulnerability when executing certain JavaScript code. \nAn attacker can exploit this issue to crash an affected browser. Presumably, this issue may also result in remote code execution, but this has not been confirmed. \nApple Safari 2.0.4 is vulnerable to this issue; other versions may also be affected. There is a vulnerability in Apple Safari\u0027s processing of very long regular expression matching strings. Remote attackers may use this vulnerability to execute arbitrary commands on the user\u0027s machine. If a Safari user is tricked into visiting a site that contains malicious JavaScript, a vulnerability in regular expression processing could be triggered, causing the browser to crash or execute arbitrary commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6015"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001580"
},
{
"db": "BID",
"id": "21053"
},
{
"db": "VULHUB",
"id": "VHN-22123"
},
{
"db": "VULMON",
"id": "CVE-2006-6015"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-22123",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=29007",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-22123"
},
{
"db": "VULMON",
"id": "CVE-2006-6015"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-6015",
"trust": 2.6
},
{
"db": "BID",
"id": "21053",
"trust": 2.1
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001580",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200611-323",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20061114 APPLE SAFARI \"MATCH\" BUFFER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20061114 RE: APPLE SAFARI \"MATCH\" BUFFER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "29007",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-82548",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-22123",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2006-6015",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-22123"
},
{
"db": "VULMON",
"id": "CVE-2006-6015"
},
{
"db": "BID",
"id": "21053"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001580"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-323"
},
{
"db": "NVD",
"id": "CVE-2006-6015"
}
]
},
"id": "VAR-200611-0426",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-22123"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:39:55.269000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.apple.com/macosx/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001580"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6015"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/21053"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/451542/100/0/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/451823/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6015"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6015"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/451823/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/451542/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.apple.com/safari/"
},
{
"trust": 0.3,
"url": "/archive/1/451542"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/29007/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-22123"
},
{
"db": "VULMON",
"id": "CVE-2006-6015"
},
{
"db": "BID",
"id": "21053"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001580"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-323"
},
{
"db": "NVD",
"id": "CVE-2006-6015"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-22123"
},
{
"db": "VULMON",
"id": "CVE-2006-6015"
},
{
"db": "BID",
"id": "21053"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001580"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-323"
},
{
"db": "NVD",
"id": "CVE-2006-6015"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-11-21T00:00:00",
"db": "VULHUB",
"id": "VHN-22123"
},
{
"date": "2006-11-21T00:00:00",
"db": "VULMON",
"id": "CVE-2006-6015"
},
{
"date": "2006-11-14T00:00:00",
"db": "BID",
"id": "21053"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001580"
},
{
"date": "2006-11-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-323"
},
{
"date": "2006-11-21T23:07:00",
"db": "NVD",
"id": "CVE-2006-6015"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-17T00:00:00",
"db": "VULHUB",
"id": "VHN-22123"
},
{
"date": "2018-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2006-6015"
},
{
"date": "2006-11-15T23:26:00",
"db": "BID",
"id": "21053"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001580"
},
{
"date": "2007-01-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-323"
},
{
"date": "2024-11-21T00:21:26.570000",
"db": "NVD",
"id": "CVE-2006-6015"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-323"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Safari of JavaScript Implementation buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001580"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-323"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…