Vulnerabilities > CVE-2008-5821 - Resource Management Errors vulnerability in Apple Safari 3.2

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
apple
microsoft
CWE-399
exploit available

Summary

Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Windows Vista SP1, allows remote attackers to cause a denial of service (memory consumption and browser crash) via a long ALINK attribute in a BODY element in an HTML document.

Vulnerable Configurations

Part Description Count
Application
Apple
1
OS
Microsoft
1

Common Weakness Enumeration (CWE)

Exploit-Db

  • descriptionSafari 4.0.5 (531.22.7) Denial of Service. CVE-2008-5821. Dos exploit for windows platform
    idEDB-ID:12408
    last seen2016-02-01
    modified2010-04-26
    published2010-04-26
    reporterXss mAn
    sourcehttps://www.exploit-db.com/download/12408/
    titleSafari 4.0.5 531.22.7 Denial of Service
  • descriptionApple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability (1). CVE-2008-5821. Dos exploit for osx platform
    idEDB-ID:32694
    last seen2016-02-03
    modified2009-01-01
    published2009-01-01
    reporterJeremy Brown
    sourcehttps://www.exploit-db.com/download/32694/
    titleApple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability 1
  • descriptionApple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability (2). CVE-2008-5821. Dos exploit for osx platform
    idEDB-ID:32695
    last seen2016-02-03
    modified2009-01-01
    published2009-01-01
    reporterPr0T3cT10n
    sourcehttps://www.exploit-db.com/download/32695/
    titleApple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability 2

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 33080 CVE(CAN) ID: CVE-2008-5821 Safari是苹果操作系统中所默认捆绑的WEB浏览器。 Safari所使用的WebKit(WebKit.dll)中存在内存泄露漏洞。如果用户受骗打开的HTML文档中BODY单元包含有超长的ALINK属性的话,就可以触发这个漏洞,导致浏览器由于内存耗尽而崩溃。 Apple Safari 3.2 - Microsoft Windows Vista 厂商补丁: Apple ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: <a href=http://www.apple.com target=_blank rel=external nofollow>http://www.apple.com</a>
idSSV:4615
last seen2017-11-19
modified2009-01-05
published2009-01-05
reporterRoot
sourcehttps://www.seebug.org/vuldb/ssvid-4615
titleApple Safari WebKit alink属性内存泄露拒绝服务漏洞