CVE-2008-5821

WebKit <3.2 - DoS

Title source: llm

Description

Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Windows Vista SP1, allows remote attackers to cause a denial of service (memory consumption and browser crash) via a long ALINK attribute in a BODY element in an HTML document.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Xss mAn · perldoswindows

https://www.exploit-db.com/exploits/12408

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Pr0T3cT10n · phpdososx

https://www.exploit-db.com/exploits/32695

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Jeremy Brown · perldososx

https://www.exploit-db.com/exploits/32694

View Code ZIP pw:eip

References (4)

[Various Sources] http://jbrownsec.blogspot.com/2008/12/new-year-research-are-upon-us.html

[Exploit] http://packetstormsecurity.org/0812-exploits/safari_webkit_ml.txt

[Exploit] http://www.securityfocus.com/bid/33080

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/47724

Scores

EPSS 0.1371

EPSS Percentile 94.3%

Details

CWE

CWE-399

Status published

Products (1)

apple/safari 3.2

Published Jan 02, 2009

Tracked Since Feb 18, 2026