Vulnerabilities > CVE-2008-5821 - Resource Management Errors vulnerability in Apple Safari 3.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Windows Vista SP1, allows remote attackers to cause a denial of service (memory consumption and browser crash) via a long ALINK attribute in a BODY element in an HTML document.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
OS | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description Safari 4.0.5 (531.22.7) Denial of Service. CVE-2008-5821. Dos exploit for windows platform id EDB-ID:12408 last seen 2016-02-01 modified 2010-04-26 published 2010-04-26 reporter Xss mAn source https://www.exploit-db.com/download/12408/ title Safari 4.0.5 531.22.7 Denial of Service description Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability (1). CVE-2008-5821. Dos exploit for osx platform id EDB-ID:32694 last seen 2016-02-03 modified 2009-01-01 published 2009-01-01 reporter Jeremy Brown source https://www.exploit-db.com/download/32694/ title Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability 1 description Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability (2). CVE-2008-5821. Dos exploit for osx platform id EDB-ID:32695 last seen 2016-02-03 modified 2009-01-01 published 2009-01-01 reporter Pr0T3cT10n source https://www.exploit-db.com/download/32695/ title Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability 2
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 33080 CVE(CAN) ID: CVE-2008-5821 Safari是苹果操作系统中所默认捆绑的WEB浏览器。 Safari所使用的WebKit(WebKit.dll)中存在内存泄露漏洞。如果用户受骗打开的HTML文档中BODY单元包含有超长的ALINK属性的话,就可以触发这个漏洞,导致浏览器由于内存耗尽而崩溃。 Apple Safari 3.2 - Microsoft Windows Vista 厂商补丁: Apple ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: <a href=http://www.apple.com target=_blank rel=external nofollow>http://www.apple.com</a> |
id | SSV:4615 |
last seen | 2017-11-19 |
modified | 2009-01-05 |
published | 2009-01-05 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-4615 |
title | Apple Safari WebKit alink属性内存泄露拒绝服务漏洞 |