CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3946

WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebKit, possibly due to a buffer overflow, as originally reported for the KHTMLParser::popOneBlock function in Apple Safari 2.0.4 using Javascript that changes document.body.innerHTML within a DIV tag.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.047

EPSS Ranking 89.0%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2006-3946

Apple » Safari » Version: 2.0.4

cpe:2.3:a:apple:safari:2.0.4
Apple » Mac Os X » Version: 10.3.9

cpe:2.3:o:apple:mac_os_x:10.3.9
Apple » Mac Os X » Version: 10.4

cpe:2.3:o:apple:mac_os_x:10.4
Apple » Mac Os X » Version: 10.4.1

cpe:2.3:o:apple:mac_os_x:10.4.1
Apple » Mac Os X » Version: 10.4.2

cpe:2.3:o:apple:mac_os_x:10.4.2
Apple » Mac Os X » Version: 10.4.3

cpe:2.3:o:apple:mac_os_x:10.4.3
Apple » Mac Os X » Version: 10.4.4

cpe:2.3:o:apple:mac_os_x:10.4.4
Apple » Mac Os X » Version: 10.4.5

cpe:2.3:o:apple:mac_os_x:10.4.5
Apple » Mac Os X » Version: 10.4.6

cpe:2.3:o:apple:mac_os_x:10.4.6
Apple » Mac Os X » Version: 10.4.7

cpe:2.3:o:apple:mac_os_x:10.4.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3946

Products

Pricing

Contact Us