CVE-2008-1010Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Safari

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents5 sources
Severity
6.8MEDIUMNVD
EPSS
6.7%
top 8.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Safari
Timeline
PublishedMar 19
Latest updateMay 1

Description

Buffer overflow in WebKit, as used in Apple Safari before 3.1, allows remote attackers to execute arbitrary code via crafted regular expressions in JavaScript.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

NVDapple/safari16 versions+15

Patches

Patch: lists.apple.comPatch: lists.apple.com

🔴Vulnerability Details

1
GHSA
GHSA-jx7p-gvmq-7763: Buffer overflow in WebKit, as used in Apple Safari before 32022-05-01

💥Exploits & PoCs

2
Exploit-DB
VideoLAN VLC Media Player 0.9.2 Media Player - XSPF Memory Corruption2008-10-14
Exploit-DB
Crysis 1.1.1.5879 - Remote Format String Denial of Service (PoC)2008-02-28

📋Vendor Advisories

1
Red Hat
WebKit Arbitrary code execution

💬Community

1
Bugzilla
CVE-2008-1010 WebKit Arbitrary code execution2008-03-21