CVE-2006-2019

Apple Safari - Denial of Service

Title source: rule

Description

Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Yannick von Arx · htmldososx

https://www.exploit-db.com/exploits/1715

View Code ZIP pw:eip

References (9)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/17674

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/431944/100/0/threaded

[Exploit] http://securitytracker.com/id?1015982

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/1715

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045472.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/431874/100/0/threaded

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/1508

[Vendor Advisory] http://secunia.com/advisories/19763

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/25998

Scores

EPSS 0.1638

EPSS Percentile 94.9%

Details

Status published

Products (2)

apple/safari 1.3.1

apple/safari 2.0.3

Published Apr 25, 2006

Tracked Since Feb 18, 2026