WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document containing XML that triggers a parsing error, related to ProcessInstruction.
Software | From | Fixed in |
---|---|---|
apple / safari | - | 4.0.5.x |
apple / safari | 4.0 | 4.0.x |
apple / safari | 4.0.0b | 4.0.0b.x |
apple / safari | 4.0.1 | 4.0.1.x |
apple / safari | 4.0.2 | 4.0.2.x |
apple / safari | 4.0.3 | 4.0.3.x |
apple / safari | 4.0.4 | 4.0.4.x |
apple / webkit | - | - |