Test ID:	1.3.6.1.4.1.25623.1.0.800835
Category:	Denial of Service
Title:	Apple Safari JavaScript 'Reload()' DoS Vulnerability (Jul 2009)
Summary:	Apple Safari Web Browser is prone to a denial of service (DoS) vulnerability.
Description:	Summary: Apple Safari Web Browser is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to a use-after-free error while calling the 'servePendingRequests()' function in WebKit.via a crafted HTML document that references a zero-length '.js' file and the JavaScript reload function. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary code, and can deny the service in the vitim's system. Affected Software/OS: Apple Safari version 4.0.2 (4.30.19.1) and prior on Windows. Solution: Apply the patch from the referenced WebKit development repository. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2419 BugTraq ID: 35555 http://www.securityfocus.com/bid/35555 http://marcell-dietl.de/index/adv_safari_4_x_js_reload_dos.php http://www.osvdb.org/55587 http://secunia.com/advisories/33495 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2011/0212 XForce ISS Database: safari-servependingrequests-dos(51533) https://exchange.xforce.ibmcloud.com/vulnerabilities/51533
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.