VAR-200604-0271
Vulnerability from variot - Updated: 2023-12-18 11:43Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. NOTE: due to lack of diagnosis by the researcher, it is unclear which vector is responsible. Apple Safari There is a service disruption (DoS) There are vulnerabilities that are put into a state.Service disruption by a third party (DoS) There is a possibility of being put into a state. Apple Mac OS X is reported prone to multiple security vulnerabilities. These issue affect Mac OS X and various applications including Safari, Preview, Finder, QuickTime, and BOMArchiveHelper. A remote attacker may exploit these issues to execute arbitrary code and/or trigger a denial-of-service condition. Apple Mac OS X 10.4.6 and prior are reported vulnerable to these issues. When parsing malformed .tiff graphic files, LZWDecodeVector(), _cg_TIFFSetField () or PredictorVSetField () functions do not correctly parse the malformed data, resulting in the failure to open the graphic Application crashes. The vulnerability is triggered by the core .tiff parsing engine, so Preview, Finder, QuickTime, and Safari are all possible attack vectors. 2 When decompressing a specially crafted .zip file, the BOMStackPop () function does not correctly parse the malformed data, resulting in a heap overflow vulnerability. 4 When decompressing a specially crafted .bmp file, the ReadBMP () function does not correctly parse the malformed data, resulting in a heap overflow vulnerability. 5 When decompressing a specially crafted .gif file, the CFAllocatorAllocate () function does not correctly parse the malformed data, resulting in a heap overflow vulnerability.
1) An error exists in the "BOMStackPop()" function in the BOMArchiveHelper when decompressing malformed ZIP archives.
2) Some errors exists in the "KWQListIteratorImpl()", "drawText()", and "objc_msgSend_rtp()" functions in Safari when processing malformed HTML tags.
3) An error exists in the "ReadBMP()" function when processing malformed BMP images and can be exploited via e.g. Safari or the Preview application.
4) An error exists in the "CFAllocatorAllocate()" function when processing malformed GIF images and can be exploited via e.g. Safari when a user visits a malicious web site.
5) Two errors exists in the " _cg_TIFFSetField ()" and "PredictorVSetField()" functions when processing malformed TIFF images and can be exploited via e.g.
The vulnerabilities have been reported in version 10.4.6. Other versions may also be affected.
SOLUTION: Do not visit untrusted web sites, and do not open ZIP archives or images originating from untrusted sources.
PROVIDED AND/OR DISCOVERED BY: Tom Ferris
ORIGINAL ADVISORY: Tom Ferris: http://www.security-protocols.com/sp-x25-advisory.php http://www.security-protocols.com/sp-x26-advisory.php http://www.security-protocols.com/sp-x27-advisory.php http://www.security-protocols.com/sp-x28-advisory.php http://www.security-protocols.com/sp-x29-advisory.php http://www.security-protocols.com/sp-x30-advisory.php
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0271",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "eq",
"trust": 2.7,
"vendor": "apple",
"version": "2.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.0"
},
{
"model": "mobile safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
}
],
"sources": [
{
"db": "BID",
"id": "17634"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003766"
},
{
"db": "NVD",
"id": "CVE-2006-1987"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-412"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1987"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tom Ferris tommy@security-protocols.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-412"
}
],
"trust": 0.6
},
"cve": "CVE-2006-1987",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2006-1987",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-18095",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-1987",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-412",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-18095",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-18095"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003766"
},
{
"db": "NVD",
"id": "CVE-2006-1987"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-412"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. NOTE: due to lack of diagnosis by the researcher, it is unclear which vector is responsible. Apple Safari There is a service disruption (DoS) There are vulnerabilities that are put into a state.Service disruption by a third party (DoS) There is a possibility of being put into a state. Apple Mac OS X is reported prone to multiple security vulnerabilities. \nThese issue affect Mac OS X and various applications including Safari, Preview, Finder, QuickTime, and BOMArchiveHelper. A remote attacker may exploit these issues to execute arbitrary code and/or trigger a denial-of-service condition. \nApple Mac OS X 10.4.6 and prior are reported vulnerable to these issues. When parsing malformed .tiff graphic files, LZWDecodeVector(), _cg_TIFFSetField () or PredictorVSetField () functions do not correctly parse the malformed data, resulting in the failure to open the graphic Application crashes. The vulnerability is triggered by the core .tiff parsing engine, so Preview, Finder, QuickTime, and Safari are all possible attack vectors. 2 When decompressing a specially crafted .zip file, the BOMStackPop () function does not correctly parse the malformed data, resulting in a heap overflow vulnerability. 4 When decompressing a specially crafted .bmp file, the ReadBMP () function does not correctly parse the malformed data, resulting in a heap overflow vulnerability. 5 When decompressing a specially crafted .gif file, the CFAllocatorAllocate () function does not correctly parse the malformed data, resulting in a heap overflow vulnerability. \n\n1) An error exists in the \"BOMStackPop()\" function in the\nBOMArchiveHelper when decompressing malformed ZIP archives. \n\n2) Some errors exists in the \"KWQListIteratorImpl()\", \"drawText()\",\nand \"objc_msgSend_rtp()\" functions in Safari when processing\nmalformed HTML tags. \n\n3) An error exists in the \"ReadBMP()\" function when processing\nmalformed BMP images and can be exploited via e.g. Safari or the\nPreview application. \n\n4) An error exists in the \"CFAllocatorAllocate()\" function when\nprocessing malformed GIF images and can be exploited via e.g. Safari\nwhen a user visits a malicious web site. \n\n5) Two errors exists in the \" _cg_TIFFSetField ()\" and\n\"PredictorVSetField()\" functions when processing malformed TIFF\nimages and can be exploited via e.g. \n\nThe vulnerabilities have been reported in version 10.4.6. Other\nversions may also be affected. \n\nSOLUTION:\nDo not visit untrusted web sites, and do not open ZIP archives or\nimages originating from untrusted sources. \n\nPROVIDED AND/OR DISCOVERED BY:\nTom Ferris\n\nORIGINAL ADVISORY:\nTom Ferris:\nhttp://www.security-protocols.com/sp-x25-advisory.php\nhttp://www.security-protocols.com/sp-x26-advisory.php\nhttp://www.security-protocols.com/sp-x27-advisory.php\nhttp://www.security-protocols.com/sp-x28-advisory.php\nhttp://www.security-protocols.com/sp-x29-advisory.php\nhttp://www.security-protocols.com/sp-x30-advisory.php\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1987"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003766"
},
{
"db": "BID",
"id": "17634"
},
{
"db": "VULHUB",
"id": "VHN-18095"
},
{
"db": "PACKETSTORM",
"id": "45638"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-1987",
"trust": 2.5
},
{
"db": "BID",
"id": "17634",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "19686",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-1452",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003766",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200604-412",
"trust": 0.7
},
{
"db": "XF",
"id": "25946",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-18095",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45638",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-18095"
},
{
"db": "BID",
"id": "17634"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003766"
},
{
"db": "PACKETSTORM",
"id": "45638"
},
{
"db": "NVD",
"id": "CVE-2006-1987"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-412"
}
]
},
"id": "VAR-200604-0271",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-18095"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:43:53.272000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1987"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.security-protocols.com/sp-x26-advisory.php"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/17634"
},
{
"trust": 1.7,
"url": "http://security-protocols.com/poc/sp-x26-4.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/19686"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/1452"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25946"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1987"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-1987"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25946"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1452"
},
{
"trust": 0.4,
"url": "http://www.security-protocols.com/sp-x29-advisory.php"
},
{
"trust": 0.4,
"url": "http://www.security-protocols.com/sp-x30-advisory.php"
},
{
"trust": 0.4,
"url": "http://www.security-protocols.com/sp-x28-advisory.php"
},
{
"trust": 0.4,
"url": "http://www.security-protocols.com/sp-x27-advisory.php"
},
{
"trust": 0.4,
"url": "http://www.security-protocols.com/sp-x25-advisory.php"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=303737"
},
{
"trust": 0.3,
"url": "http://www.security-protocols.com/sp-x24-advisory.php"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.security-protocols.com/modules.php?name=news\u0026file=article\u0026sid=3233"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "http://www.security-protocols.com/modules.php?name=news\u0026file=article\u0026sid=3236"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/19686/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/96/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-18095"
},
{
"db": "BID",
"id": "17634"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003766"
},
{
"db": "PACKETSTORM",
"id": "45638"
},
{
"db": "NVD",
"id": "CVE-2006-1987"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-412"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-18095"
},
{
"db": "BID",
"id": "17634"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003766"
},
{
"db": "PACKETSTORM",
"id": "45638"
},
{
"db": "NVD",
"id": "CVE-2006-1987"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-412"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-21T00:00:00",
"db": "VULHUB",
"id": "VHN-18095"
},
{
"date": "2006-04-20T00:00:00",
"db": "BID",
"id": "17634"
},
{
"date": "2013-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003766"
},
{
"date": "2006-04-25T22:06:23",
"db": "PACKETSTORM",
"id": "45638"
},
{
"date": "2006-04-21T22:02:00",
"db": "NVD",
"id": "CVE-2006-1987"
},
{
"date": "2005-11-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-412"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-18095"
},
{
"date": "2006-05-17T19:59:00",
"db": "BID",
"id": "17634"
},
{
"date": "2013-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003766"
},
{
"date": "2017-07-20T01:31:05.053000",
"db": "NVD",
"id": "CVE-2006-1987"
},
{
"date": "2006-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-412"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-412"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003766"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-412"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…