Description
Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions.
Exploits (1)
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22326
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/32710
Various Sources x_refsource_misc
http://www.digitalmunition.com/MOAB-30-01-2007.html
Scores
EPSS
0.0540
EPSS Percentile
90.2%
Details
Status
published
Products (1)
apple/safari
2.0.4_419.3
Published
Feb 01, 2007
Tracked Since
Feb 18, 2026