Skip to main content

CVE-2007-0644

Severity High
Score 7.1/10

Summary

Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions.

  • MEDIUM
  • NETWORK
  • NONE
  • NONE
  • NONE
  • COMPLETE

References

Advisory Timeline

  • Published