Apple OS X Safari 2.0.3 Multiple Vulnerabilities
April 19th, 2006
Apple OS X 10.4.6 and prior
Safari 2.0.3 (417.9.2) and all prior versions
Multiple vulnerabilities exist within Safari 2.0.3 (417.9.2) and all prior versions which causes the application to crash, and or may allow for an attacker to execute arbitrary code. Below are the crash address, and links to basic PoC to reproduce the crashes.
0x95940f9c in KWQListIteratorImpl::KWQListIteratorImpl ()
0x95aa1b64 in QPainter::drawText ()
0xfffeff20 in objc_msgSend_rtp ()
Apple was notified of these issues on 01/06/2006.
Currently no patches have been released for these vulnerabilities.
As Ilja has once said, "it is trivial to get Safari to crash". He is right...