CVE-2005-3018 (GCVE-0-2005-3018)

Vulnerability from cvelistv5 – Published: 2005-09-21 04:00 – Updated: 2024-08-07 22:53

Summary

Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://marc.info/?l=bugtraq&m=112715234411672&w=2	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/16875/	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/14868	vdb-entryx_refsource_BID
	http://www.osvdb.org/19569	vdb-entryx_refsource_OSVDB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:53:30.397Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "safari-data-uri-dos(22331)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
          },
          {
            "name": "20050917 Possible memory corruption problems in Apple Safari",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
          },
          {
            "name": "16875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16875/"
          },
          {
            "name": "14868",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/14868"
          },
          {
            "name": "19569",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/19569"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-09-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "safari-data-uri-dos(22331)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
        },
        {
          "name": "20050917 Possible memory corruption problems in Apple Safari",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
        },
        {
          "name": "16875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16875/"
        },
        {
          "name": "14868",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/14868"
        },
        {
          "name": "19569",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/19569"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3018",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "safari-data-uri-dos(22331)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
            },
            {
              "name": "20050917 Possible memory corruption problems in Apple Safari",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
            },
            {
              "name": "16875",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/16875/"
            },
            {
              "name": "14868",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/14868"
            },
            {
              "name": "19569",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/19569"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3018",
    "datePublished": "2005-09-21T04:00:00",
    "dateReserved": "2005-09-21T00:00:00",
    "dateUpdated": "2024-08-07T22:53:30.397Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A419AE8-F5A2-4E25-9004-AAAB325E201A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"857C92E2-6870-409A-9457-75F8C5C7B959\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"443FF271-A3AB-4659-80B2-89F771BF5371\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3112AFEB-7893-467C-8B45-A44D5697BB79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FC83309-3A97-4619-B5C1-574610838BC6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"891514D5-50C8-4EDC-81C5-24ABF8BCC022\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D3889ED-9329-4C84-A173-2553BEAE3EDA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.\"}]",
      "id": "CVE-2005-3018",
      "lastModified": "2024-11-21T00:00:56.673",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2005-09-21T22:03:00.000",
      "references": "[{\"url\": \"http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/16875/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/19569\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/bid/14868\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/22331\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/16875/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/19569\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/bid/14868\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/22331\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-3018\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-09-21T22:03:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A419AE8-F5A2-4E25-9004-AAAB325E201A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"857C92E2-6870-409A-9457-75F8C5C7B959\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"443FF271-A3AB-4659-80B2-89F771BF5371\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3112AFEB-7893-467C-8B45-A44D5697BB79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FC83309-3A97-4619-B5C1-574610838BC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"891514D5-50C8-4EDC-81C5-24ABF8BCC022\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D3889ED-9329-4C84-A173-2553BEAE3EDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/16875/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/19569\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/14868\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/22331\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/16875/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/19569\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/14868\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/22331\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2005-3018

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.

Aliases

CVE-2005-3018

Aliases

CVE-2005-3018

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-3018",
    "description": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.",
    "id": "GSD-2005-3018"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-3018"
      ],
      "details": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.",
      "id": "GSD-2005-3018",
      "modified": "2023-12-13T01:20:12.970045Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-3018",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "safari-data-uri-dos(22331)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
          },
          {
            "name": "20050917 Possible memory corruption problems in Apple Safari",
            "refsource": "BUGTRAQ",
            "url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
          },
          {
            "name": "16875",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/16875/"
          },
          {
            "name": "14868",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/14868"
          },
          {
            "name": "19569",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/19569"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3018"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "14868",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/14868"
            },
            {
              "name": "19569",
              "refsource": "OSVDB",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.osvdb.org/19569"
            },
            {
              "name": "16875",
              "refsource": "SECUNIA",
              "tags": [
                "Exploit",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/16875/"
            },
            {
              "name": "20050917 Possible memory corruption problems in Apple Safari",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
            },
            {
              "name": "safari-data-uri-dos(22331)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-11T01:33Z",
      "publishedDate": "2005-09-21T22:03Z"
    }
  }
}

GHSA-8XVC-7HJC-8CJX

Vulnerability from github – Published: 2022-05-01 02:13 – Updated: 2025-04-03 04:17

Details

Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-3018"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-09-21T22:03:00Z",
    "severity": "MODERATE"
  },
  "details": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.",
  "id": "GHSA-8xvc-7hjc-8cjx",
  "modified": "2025-04-03T04:17:41Z",
  "published": "2022-05-01T02:13:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-3018"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/16875"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/19569"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/14868"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200509-0135

Vulnerability from variot - Updated: 2023-12-18 14:02

Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL. Apple Safari is prone to a memory corruption vulnerability. This issue is exposed when the browser opens specific 'data:' URIs, causing the browser to crash. Though unconfirmed, this vulnerability could be exploitable to execute arbitrary code. Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems.

Bist Du interessiert an einem neuen Job in IT-Sicherheit?

Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/

TITLE: Safari "data:" URI Handler Denial of Service Weakness

SECUNIA ADVISORY ID: SA16875

VERIFY ADVISORY: http://secunia.com/advisories/16875/

CRITICAL: Not critical

IMPACT: DoS

WHERE:

From remote

SOFTWARE: Safari 2.x http://secunia.com/product/5289/

DESCRIPTION: Jonathan Rockway has discovered a weakness in Safari, which can be exploited by malicious people to cause a DoS (Denial of Service).

The weakness is caused due to an error in the processing of URLs in the "data:" URI handler. This can be exploited to crash a vulnerable browser via e.g. an image tag referencing a specially crafted "data:" URL.

Example: data://

crash

The weakness has been confirmed in version 2.0 (412.2). Other versions may also be affected.

SOLUTION: Do not browse untrusted web sites.

PROVIDED AND/OR DISCOVERED BY: Jonathan Rockway

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200509-0135",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "2.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "1.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "1.2.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "1.2.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "1.2.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "1.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "1.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "mobile safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "14868"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3018"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200509-214"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3018"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Jonathan Rockway  jrockw2@uic.edu",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200509-214"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2005-3018",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-14227",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2005-3018",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200509-214",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-14227",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14227"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3018"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200509-214"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL. Apple Safari is prone to a memory corruption vulnerability.  This issue is exposed when the browser opens specific \u0027data:\u0027 URIs, causing the browser to crash. \nThough unconfirmed, this vulnerability could be exploitable to execute arbitrary code. Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nSafari \"data:\" URI Handler Denial of Service Weakness\n\nSECUNIA ADVISORY ID:\nSA16875\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/16875/\n\nCRITICAL:\nNot critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nSafari 2.x\nhttp://secunia.com/product/5289/\n\nDESCRIPTION:\nJonathan Rockway has discovered a weakness in Safari, which can be\nexploited by malicious people to cause a DoS (Denial of Service). \n\nThe weakness is caused due to an error in the processing of URLs in\nthe \"data:\" URI handler. This can be exploited to crash a vulnerable\nbrowser via e.g. an image tag referencing a specially crafted \"data:\"\nURL. \n\nExample:\ndata://\u003ch1\u003ecrash\u003c/h1\u003e\n\nThe weakness has been confirmed in version 2.0 (412.2). Other\nversions may also be affected. \n\nSOLUTION:\nDo not browse untrusted web sites. \n\nPROVIDED AND/OR DISCOVERED BY:\nJonathan Rockway\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3018"
      },
      {
        "db": "BID",
        "id": "14868"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14227"
      },
      {
        "db": "PACKETSTORM",
        "id": "40131"
      }
    ],
    "trust": 1.35
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-14227",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14227"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "14868",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "16875",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "19569",
        "trust": 1.7
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3018",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200509-214",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "22331",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20050917 POSSIBLE MEMORY CORRUPTION PROBLEMS IN APPLE SAFARI",
        "trust": 0.6
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-79913",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "26271",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-14227",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "40131",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14227"
      },
      {
        "db": "BID",
        "id": "14868"
      },
      {
        "db": "PACKETSTORM",
        "id": "40131"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3018"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200509-214"
      }
    ]
  },
  "id": "VAR-200509-0135",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14227"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T14:02:45.480000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3018"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/16875/"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/14868"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/19569"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/22331"
      },
      {
        "trust": 0.6,
        "url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=112715234411672\u0026w=2"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/safari/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/411078"
      },
      {
        "trust": 0.1,
        "url": "http://marc.info/?l=bugtraq\u0026amp;m=112715234411672\u0026amp;w=2"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_vacancies/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5289/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14227"
      },
      {
        "db": "BID",
        "id": "14868"
      },
      {
        "db": "PACKETSTORM",
        "id": "40131"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3018"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200509-214"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-14227"
      },
      {
        "db": "BID",
        "id": "14868"
      },
      {
        "db": "PACKETSTORM",
        "id": "40131"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3018"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200509-214"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-09-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14227"
      },
      {
        "date": "2005-09-17T00:00:00",
        "db": "BID",
        "id": "14868"
      },
      {
        "date": "2005-09-21T01:21:34",
        "db": "PACKETSTORM",
        "id": "40131"
      },
      {
        "date": "2005-09-21T22:03:00",
        "db": "NVD",
        "id": "CVE-2005-3018"
      },
      {
        "date": "2005-09-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200509-214"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14227"
      },
      {
        "date": "2005-09-17T00:00:00",
        "db": "BID",
        "id": "14868"
      },
      {
        "date": "2017-07-11T01:33:04.813000",
        "db": "NVD",
        "id": "CVE-2005-3018"
      },
      {
        "date": "2005-10-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200509-214"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200509-214"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Safari Remote denial of service vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200509-214"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200509-214"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2005-3018

Vulnerability from fkie_nvd - Published: 2005-09-21 22:03 - Updated: 2025-04-03 01:03

Severity ?

Summary

Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=112715234411672&w=2
cve@mitre.org	http://secunia.com/advisories/16875/	Exploit, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/19569	Exploit
cve@mitre.org	http://www.securityfocus.com/bid/14868	Exploit
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/22331
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=112715234411672&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/16875/	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/19569	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/14868	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/22331

Impacted products

Vendor	Product	Version
apple	safari	1.0
apple	safari	1.1
apple	safari	1.2
apple	safari	1.2.1
apple	safari	1.2.2
apple	safari	1.2.3
apple	safari	1.3
apple	safari	2.0
apple	safari	2.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A419AE8-F5A2-4E25-9004-AAAB325E201A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "857C92E2-6870-409A-9457-75F8C5C7B959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "443FF271-A3AB-4659-80B2-89F771BF5371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3112AFEB-7893-467C-8B45-A44D5697BB79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC83309-3A97-4619-B5C1-574610838BC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "891514D5-50C8-4EDC-81C5-24ABF8BCC022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL."
    }
  ],
  "id": "CVE-2005-3018",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-09-21T22:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16875/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.osvdb.org/19569"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/14868"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16875/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.osvdb.org/19569"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/14868"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2005-3018 (GCVE-0-2005-3018)

GSD-2005-3018

GHSA-8XVC-7HJC-8CJX

VAR-200509-0135

crash

FKIE_CVE-2005-3018

Tags

Sightings

Nomenclature