The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into that array.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Safari | Apple | 1.0 (including) | 1.0 (including) |
Safari | Apple | 1.1 (including) | 1.1 (including) |
Safari | Apple | beta2 (including) | beta2 (including) |