Mac OS X KHTMLParser Remote Denial of Service Vulnerability
Posted by deepquest on December 26, 2005 – 3:27 am
A vulnerability in Mac OS X has been reported, which can be exploited by remote users to trigger denial of service conditions.
The weakness is caused due to an error in the KHTMLParser when parsing certain malformed HTML documents. This can be exploited to crash an application that uses the parser via a specially crafted HTML file. In certain cases, this may cause the system to become unresponsive.
[b][url=http://deepquest.code511.com/blog/saf202.html]Don’t click me[/url][/b]
Confirmed in TextEdit and Safari in Mac OS X with Security Update 2005-009. Other applications that use the parser may also be affected.
Post a reply
You must be logged in to post a comment.