Sign-up

ID

VAR-200607-0111


CVE

CVE-2006-3372


TITLE

Apple Safari Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2006-003810

DESCRIPTION

Apple Safari 2.0.4/419.3 allows remote attackers to cause a denial of service (application crash) via a DHTML setAttributeNode function call with zero arguments, which triggers a null dereference. Apple Safari There is a service disruption (DoS) There are vulnerabilities that are put into a state.Service disruption by a third party (DoS) There is a possibility of being put into a state. Apple Safari web browser is prone to a denial-of-service vulnerability when parsing certain malformed DHTML elements. An attacker can exploit this issue to crash an affected browser

Trust: 1.98

sources: NVD: CVE-2006-3372 // JVNDB: JVNDB-2006-003810 // BID: 18822 // VULHUB: VHN-19480

AFFECTED PRODUCTS

vendor:applemodel:safariscope:eqversion:2.0.4_419.3

Trust: 1.6

vendor:applemodel:safariscope:eqversion:2.0.4/419.3

Trust: 0.8

vendor:applemodel:safariscope:eqversion:2.0.4

Trust: 0.3

sources: BID: 18822 // JVNDB: JVNDB-2006-003810 // CNNVD: CNNVD-200607-064 // NVD: CVE-2006-3372

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-3372
value: MEDIUM

Trust: 1.0

NVD: CVE-2006-3372
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200607-064
value: MEDIUM

Trust: 0.6

VULHUB: VHN-19480
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2006-3372
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-19480
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-19480 // JVNDB: JVNDB-2006-003810 // CNNVD: CNNVD-200607-064 // NVD: CVE-2006-3372

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-3372

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200607-064

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200607-064

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2006-003810

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-19480

EXTERNAL IDS
db:NVDid:CVE-2006-3372
Trust: 2.5
db:BIDid:18822
Trust: 2.0
db:OSVDBid:26838
Trust: 1.7
db:SECTRACKid:1016441
Trust: 1.7
db:VUPENid:ADV-2006-2671
Trust: 1.7
db:JVNDBid:JVNDB-2006-003810
Trust: 0.8
db:CNNVDid:CNNVD-200607-064
Trust: 0.7
db:XFid:27594
Trust: 0.6
db:EXPLOIT-DBid:28165
Trust: 0.1
db:SEEBUGid:SSVID-81745
Trust: 0.1
db:VULHUBid:VHN-19480
Trust: 0.1
sources:
            
            
            VULHUB: VHN-19480 // 
            
            
            
            BID: 18822 // 
            
            
            
            JVNDB: JVNDB-2006-003810 // 
            
            
            
            CNNVD: CNNVD-200607-064 // 
            
            
            
            NVD: CVE-2006-3372

REFERENCES
url:http://browserfun.blogspot.com/2006/07/mobb-5-dhtml-setattributenode.html
Trust: 2.0
url:http://www.securityfocus.com/bid/18822
Trust: 1.7
url:http://www.osvdb.org/26838
Trust: 1.7
url:http://securitytracker.com/id?1016441
Trust: 1.7
url:http://www.vupen.com/english/advisories/2006/2671
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/27594
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3372
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3372
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/27594
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2006/2671
Trust: 0.6
url:http://www.apple.com/safari/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-19480 // 
            
            
            
            BID: 18822 // 
            
            
            
            JVNDB: JVNDB-2006-003810 // 
            
            
            
            CNNVD: CNNVD-200607-064 // 
            
            
            
            NVD: CVE-2006-3372

CREDITS
Dennis Cox is credited with the discovery of this issue.
Trust: 0.9
sources:
            
            
            BID: 18822 // 
            
            
            
            CNNVD: CNNVD-200607-064

SOURCES
db:VULHUBid:VHN-19480
db:BIDid:18822
db:JVNDBid:JVNDB-2006-003810
db:CNNVDid:CNNVD-200607-064
db:NVDid:CVE-2006-3372

LAST UPDATE DATE
2024-08-14T14:00:15.582000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-19480date:2017-07-20T00:00:00
db:BIDid:18822date:2006-07-05T20:19:00
db:JVNDBid:JVNDB-2006-003810date:2013-12-26T00:00:00
db:CNNVDid:CNNVD-200607-064date:2006-07-20T00:00:00
db:NVDid:CVE-2006-3372date:2017-07-20T01:32:16.787

SOURCES RELEASE DATE
db:VULHUBid:VHN-19480date:2006-07-06T00:00:00
db:BIDid:18822date:2006-07-05T00:00:00
db:JVNDBid:JVNDB-2006-003810date:2013-12-26T00:00:00
db:CNNVDid:CNNVD-200607-064date:2006-07-06T00:00:00
db:NVDid:CVE-2006-3372date:2006-07-06T20:05:00