Safari WebKit floating point number buffer overflow

Added: 09/16/2009
CVE: CVE-2009-2195
BID: 36023
OSVDB: 56988

Background

Safari is a web browser for Mac OS X and Windows. Safari is built upon the WebKit browser engine.

Problem

A buffer overflow vulnerability in WebKit allows command execution when a user loads a page that contains a specially crafted floating-point number.

Resolution

Upgrade to Safari 4.0.3 or higher.

References

http://support.apple.com/kb/HT3733

Limitations

The exploit works on Safari 4.0.2 and requires a user to load the exploit page.

After the page is loaded, there may be a delay before the exploit succeeds.

Platforms

Windows XP
Mac OS X 10.4
