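Apple Mac OS X KHTML Parser Remote Denial-of-Service Vulnerability

Vulnerability Details

Vulnerability Summary

Apple Mac OS X is the operating system used on Apple's family of computers.

A denial-of-service vulnerability exists in the KHTML parser of Mac OS X.

When a specially crafted .html file is processed, khtml::RenderTableSection::ensureRows does not parse the data correctly, which causes a crash. The KHTML parser tries to resize an internal array to the number of cells indicated by the rowspan value. If that value is very large, the array cannot be resized and the application terminates.

The following shows the crash in gdb, triggered with Safari on OS X 10.4.3: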

Program received signal SIGABRT, Aborted.

0x9004716c in kill ()

(gdb) bt

#0 0x9004716c in kill ()

#1 0x90128b98 in abort ()

#2 0x95dcd974 in khtml::sYSMALLOc () <(=– Is called because of sYSMALLOc(1234567890)

#3 0x95dce1a4 in khtml::main_thread_realloc ()

#4 0x95bc0d64 in KWQArrayImpl::resize ()

#5 0x95c05428 in khtml::RenderTableSection::ensureRows ()

#6 0x95c0784c in khtml::RenderTableSection::addCell ()

#7 0x95c076ac in khtml::RenderTableRow::addChild ()

#8 0x95bcb2d8 in DOM::NodeImpl::createRendererIfNeeded ()

#9 0x95bcb1c4 in DOM::ElementImpl::attach ()

#10 0x95bca254 in KHTMLParser::insertNode ()

#11 0x95bcadd8 in KHTMLParser::insertNode ()

#12 0x95bcadd8 in KHTMLParser::insertNode ()

#13 0x95bc83fc in KHTMLParser::parseToken ()

#14 0x95bc54a4 in khtml::HTMLTokenizer::processToken ()

#15 0x95bc6e08 in khtml::HTMLTokenizer::parseTag ()

#16 0x95bc4d24 in khtml::HTMLTokenizer::write ()

#17 0x95bc038c in KHTMLPart::write ()

#18 0x959b510c in -[WebDataSource(WebPrivate) _commitLoadWithData:] ()

#19 0x9598165c in -[WebMainResourceClient addData:] ()

#20 0x95981588 in -[WebBaseResourceHandleDelegate didReceiveData:lengthReceived:] ()

#21 0x959db930 in -[WebMainResourceClient didReceiveData:lengthReceived:] ()

#22 0x95981524 in -[WebBaseResourceHandleDelegate connection:didReceiveData:lengthReceived:] ()

#23 0x92910a64 in -[NSURLConnection(NSURLConnectionInternal) _sendDidReceiveDataCallback] ()

#24 0x9290ef04 in -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] ()

#25 0x9290eca0 in _sendCallbacks ()

#26 0x9075db20 in __CFRunLoopDoSources0 ()

#27 0x9075cf98 in __CFRunLoopRun ()

#28 0x9075ca18 in CFRunLoopRunSpecific ()

#29 0x931861e0 in RunCurrentEventLoopInMode ()

#30 0x931857ec in ReceiveNextEventCommon ()

#31 0x931856e0 in BlockUntilNextEventMatchingListInMode ()

#32 0x93683904 in _DPSNextEvent ()

#33 0x936835c8 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()

#34 0x00007910 in ?? ()

#35 0x9367fb0c in -[NSApplication run] ()

#36 0x93770618 in NSApplicationMain ()

#37 0x0000307c in ?? ()

#38 0x00057758 in ?? ()
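
The failure mode described above (a rowspan value sizing an array, then an abort when the allocation fails) can be avoided by bounding the attribute and treating allocation failure as a recoverable error. The following C code is an added example, not code from KHTML, Apple or the original advisory; `row_t`, `section_t`, `clamp_rowspan`, `add_cell` and the `MAX_ROWSPAN` cap are assumptions made for illustration, and `ensure_rows` only borrows the name seen in the backtrace.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed upper bound chosen for this example; not a value from KHTML. */
#define MAX_ROWSPAN 65534u

typedef struct { void *cells; } row_t;                 /* stand-in for a table row */
typedef struct { row_t *rows; size_t count; } section_t;

/* Grow the row array to hold `wanted` rows. Returns 0 on success, -1 on
 * failure; on failure the section is left unchanged instead of aborting. */
static int ensure_rows(section_t *s, size_t wanted)
{
    if (wanted <= s->count) return 0;
    if (wanted > SIZE_MAX / sizeof(row_t)) return -1;  /* byte count would wrap */
    row_t *grown = realloc(s->rows, wanted * sizeof(row_t));
    if (grown == NULL) return -1;                      /* old block is still valid */
    for (size_t i = s->count; i < wanted; i++)
        grown[i].cells = NULL;
    s->rows = grown;
    s->count = wanted;
    return 0;
}

/* Bound the untrusted rowspan before it sizes anything.
 * Simplification: a value of 0 is treated as 1 in this example. */
static size_t clamp_rowspan(unsigned long raw)
{
    if (raw == 0) return 1;
    return raw > MAX_ROWSPAN ? MAX_ROWSPAN : (size_t)raw;
}

/* Place a cell that starts at `row` and spans `raw_span` rows. */
static int add_cell(section_t *s, size_t row, unsigned long raw_span)
{
    size_t span = clamp_rowspan(raw_span);
    if (row > SIZE_MAX - span) return -1;              /* row + span would wrap */
    return ensure_rows(s, row + span);
}

int main(void)
{
    section_t s = { NULL, 0 };
    int rc = add_cell(&s, 0, 1234567890UL);            /* size seen in the backtrace */
    printf("rc=%d rows=%zu\n", rc, s.count);
    free(s.rows);
    return rc;
}
```
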

Vulnerability Advisory

References

Source: US-CERT Technical Alert

Name: TA06-062A

Link: http://www.us-cert.gov/cas/techalerts/TA06-062A.html

Source: US-CERT Vulnerability Note

Name: VU#351217

Link: http://www.kb.cert.org/vuls/id/351217

Source: BID

Name: 16045

Link: http://www.securityfocus.com/bid/16045

Source: MISC

Link: http://security-protocols.com/advisory/sp-x22-advisory.txt

Source: SECUNIA

Name: 18220

Link: http://secunia.com/advisories/18220

Source: XF

Name: macos-khtmlparser-dos(23819)

Link: http://xforce.iss.net/xforce/xfdb/23819

Source: BID

Name: 16907

Link: http://www.securityfocus.com/bid/16907

Source: VUPEN

Name: ADV-2006-0791

Link: http://www.frsirt.com/english/advisories/2006/0791

Source: VUPEN

Name: ADV-2005-3058

Link: http://www.frsirt.com/english/advisories/2005/3058

Source: SECUNIA

Name: 19064

Link: http://secunia.com/advisories/19064

Source: APPLE

Name: APPLE-SA-2006-03-01

Link: http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html

Source: docs.info.apple.com

Link: http://docs.info.apple.com/jarticle.html?artnum=303382-en

Source: docs.info.apple.com

Link: http://docs.info.apple.com/article.html?artnum=303382
