CVE-2007-0644 Information

Description

Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions.

Reference

http://www.digitalmunition.com/MOAB-30-01-2007.html http://www.osvdb.org/32710 http://www.securityfocus.com/bid/22326