Intrusion Prevention

Apple.Safari.CSS.DoS

Description

This indicates an attack attempt against a Denial of Service vulnerability in Apple Safari.
The vulnerability is caused by an error when the software handles a long URL value in the CSS "background" property. It allows a remote attacker to crush Safari via enticing legitimate users access a crafted CSS.

Affected Products

Apple Safari 4.0.3 for Windows.

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the web site.
http://www.apple.com/safari/

CVE References

CVE-2009-4186