PT-2009-2985 · Apple · Safari

Lostmon · Published 2009-01-28 · Updated 2017-09-29 · CVE-2009-0321

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Apple Safari version 3.2.1

Description

A link to an http URI whose authority portion is either a single dot (.) or a dot dot (..) sequence allows remote attackers to cause a denial of service, potentially resulting in an infinite loop or access violation.

Recommendations

For Apple Safari version 3.2.1, consider avoiding links with http URIs containing a single dot (.) or dot dot (..) sequence in the authority portion until a fix is available. As a temporary workaround, restrict access to such links to minimize the risk of exploitation.

Exploit

Fix

Link Following

Weakness Enumeration

Related Identifiers

CVE-2009-0321

Affected Products

Safari