Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-3372 — Apple Safari vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

6.5%

top 8.90%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apple Safari

Timeline

PublishedJul 6

Latest updateMay 1

Description

Apple Safari 2.0.4/419.3 allows remote attackers to cause a denial of service (application crash) via a DHTML setAttributeNode function call with zero arguments, which triggers a null dereference.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/safari2.0.4_419.3

🔴Vulnerability Details

GHSA

GHSA-9cg2-r7h8-hmrh: Apple Safari 2↗2022-05-01

▶

💥Exploits & PoCs

Exploit-DB

Apple Safari Web Browser 2.0.4 - DHTML SetAttributeNode() Null Dereference Denial of Service↗2006-07-05

▶