################################################### Safari for windows Invalid SGV text style Webkit.dll DoS Vendor URL:www.apple.com Advisore:http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html Vendor notify :Yes exploit available :YES ################################################### Safari browser for windows is prone vulnerable to a Denial of service condition , this issue affects webkit.dll and cause a crash when Safari try to render a SGV image with a very long font size text style. ############ versions ############ Safari for windows 5.0.1 (7533.17.8) on windows 7 ultimate fully patched. Safari for windows windows 5.0.1 (7533.17.8) on windows xp home sp3 fully patched ############ Timeline ############ Discovered:19-08-2010 vendor notify:25-08-2010 Vendor response:26-08-2010 Disclosure: 30-09-2010 #################### Proof Of Concept #################### Save This code as image.svg and open it with Safari,look i have add some "extra" pixels in font size text style. ################ BOF image.svg ###################### Safari Now Crash ###############EOF#################### ################# €nd ############### Thnx To Climbo for his patience and support. -- atentamente: Lostmon (lostmon@gmail.com) Web-Blog: http://lostmon.blogspot.com/ Google group: http://groups.google.com/group/lostmon (new) -- La curiosidad es lo que hace mover la mente....