Exploitation Summary
EIP tracks 1 public exploit for CVE-2005-3018. PoCs published by Jonathan Rockway.
AI-analyzed exploit summary This exploit demonstrates a memory corruption vulnerability in Apple Safari by using malformed 'data:' URIs, which can cause the browser to crash. The PoC suggests potential for arbitrary code execution, though this is unconfirmed.
Description
Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Jonathan Rockway · textdososx
https://www.exploit-db.com/exploits/26271
This exploit demonstrates a memory corruption vulnerability in Apple Safari by using malformed 'data:' URIs, which can cause the browser to crash. The PoC suggests potential for arbitrary code execution, though this is unconfirmed.
Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:
Apple Safari (versions affected by CVE-2005-3018)
No auth needed
Prerequisites:
Victim must open a malformed 'data:' URI in Apple Safari
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/22331
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=112715234411672&w=2
Exploit, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/16875/
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/14868
Exploit vdb-entry
x_refsource_osvdb
http://www.osvdb.org/19569
Scores
EPSS
0.0300
EPSS Percentile
85.7%
Details
Status
published
Products (9)
apple/safari
1.0
apple/safari
1.1
apple/safari
1.2
apple/safari
1.2.1
apple/safari
1.2.2
apple/safari
1.2.3
apple/safari
1.3
apple/safari
2.0
apple/safari
2.0.1
Published
Sep 21, 2005
Tracked Since
Feb 18, 2026