Vulnerabilities > CVE-2008-5821 - Resource Management Errors vulnerability in Apple Safari 3.2

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

apple

microsoft

CWE-399

exploit available

NVD

Published: 2009-01-02

Updated: 2017-08-08

Summary

Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Windows Vista SP1, allows remote attackers to cause a denial of service (memory consumption and browser crash) via a long ALINK attribute in a BODY element in an HTML document.

Vulnerable Configurations

Part	Description	Count
Application	Apple Apple Safari 3.2	1
OS	Microsoft Microsoft Windows Vista *	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Exploit-Db

description	Safari 4.0.5 (531.22.7) Denial of Service. CVE-2008-5821. Dos exploit for windows platform
id	EDB-ID:12408
last seen	2016-02-01
modified	2010-04-26
published	2010-04-26
reporter	Xss mAn
source	https://www.exploit-db.com/download/12408/
title	Safari 4.0.5 531.22.7 Denial of Service

description	Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability (1). CVE-2008-5821. Dos exploit for osx platform
id	EDB-ID:32694
last seen	2016-02-03
modified	2009-01-01
published	2009-01-01
reporter	Jeremy Brown
source	https://www.exploit-db.com/download/32694/
title	Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability 1

description	Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability (2). CVE-2008-5821. Dos exploit for osx platform
id	EDB-ID:32695
last seen	2016-02-03
modified	2009-01-01
published	2009-01-01
reporter	Pr0T3cT10n
source	https://www.exploit-db.com/download/32695/
title	Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability 2

Seebug

bulletinFamily	exploit
description	BUGTRAQ ID: 33080 CVE(CAN) ID: CVE-2008-5821 Safari是苹果操作系统中所默认捆绑的WEB浏览器。 Safari所使用的WebKit（WebKit.dll）中存在内存泄露漏洞。如果用户受骗打开的HTML文档中BODY单元包含有超长的ALINK属性的话，就可以触发这个漏洞，导致浏览器由于内存耗尽而崩溃。 Apple Safari 3.2 - Microsoft Windows Vista 厂商补丁： Apple ----- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： <a href=http://www.apple.com target=_blank rel=external nofollow>http://www.apple.com</a>
id	SSV:4615
last seen	2017-11-19
modified	2009-01-05
published	2009-01-05
reporter	Root
source	https://www.seebug.org/vuldb/ssvid-4615
title	Apple Safari WebKit alink属性内存泄露拒绝服务漏洞

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

Seebug

References