Apple OS X WebKit WebCore::ArrayImpl “ROWSPAN” DoS
Was bored over the weekend… Below is an overview of the advisory:
“A denial of service (null pointer) vulnerability exists within WebKit which allows for an attacker to post a specially crafted .html page causing the application to crash. This is basiclly a follow up to another flaw which was reported by Yannick von Arx, that was fixed in the latest build of WebKit but was not fixed in Safari.”
Full advisory here: sp-x41-advisory
