High severity7.5NVD Advisory· Published Jan 18, 2007· Updated Apr 23, 2026

CVE-2007-0342

Description

WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element with a large number in the ROWSPAN attribute, as demonstrated by a crash of OmniWeb 5.5.3 on Mac OS X 10.4.8, a different vulnerability than CVE-2006-2019.

Affected products

Apple Inc./Safari
cpe:2.3:a:apple:safari:2.0.4_419.3:*:*:*:*:*:*:*
Apple Inc./Webkit
cpe:2.3:a:apple:webkit:build_18794:*:*:*:*:*:*:*
Omnigroup/Omniweb
cpe:2.3:a:omnigroup:omniweb:5.5.3:*:*:*:*:*:*:*
Apple Inc./Mac Os X
cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security-protocols.com/sp-x41-advisory.phpnvdExploitVendor Advisory
www.securityfocus.com/bid/22059nvdExploit

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000