HTTP: Apple Safari JavaScript eval() Denial of Service
This signature detects attempts to exploit a known vulnerability against Apple Safari 3.2.3. A successful attack can result in a denial-of-service condition.
Extended Description
Apple Safari is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Safari 3.2.3 for Windows is vulnerable; other versions may also be affected. NOTE: Other applications that use the WebKit framework may also be affected.
Affected Products
Webkit_open_source_project webkit
Short Name
HTTP:STC:SAFARI:JS-EVAL-DOS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple CVE-2009-3272 Denial JavaScript Safari Service bid:36298 eval() of
Release Date
12/17/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Webkit_open_source_project
Apple
CVSS Score
5.0