CVE-2008-2001: Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Safari

Severity: 4.3 MEDIUM (NVD)
EPSS: 0.8% (top 25.20%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Apr 28
Latest update: May 1

Description

Apple Safari 3.1.1 allows remote attackers to cause a denial of service (application crash) via a file:///%E2 link that triggers an out-of-bounds access, possibly due to a NULL pointer dereference.

CVSS vector

AV:N/AC:M/C:N/I:N/A:P
Exploitability: 8.6 | Impact: 2.9

Affected Packages (1 package)

NVD: apple/safari 3.1.1

🔴 Vulnerability Details (1)

GHSA: GHSA-62fq-q4f8-f9hj: Apple Safari 3 (2022-05-01)

💥 Exploits & PoCs (9)

Exploit-DB: SasCam WebCam Server 2.6.5 - ActiveX Overwrite (SEH) (2010-07-03)
Exploit-DB: Microsoft Windows Vista/2008 - ICMPv6 Router Advertisement Remote Code Execution (2010-02-09)
Exploit-DB: Liberum Help Desk 0.97.3 - SQL Injection / File Disclosure (2008-12-16)
Exploit-DB: VideoLAN VLC Media Player 0.9.4 - '.ty' Local Buffer Overflow (SEH) (2008-10-23)
Exploit-DB: CitectSCADA ODBC Server - Remote Stack Buffer Overflow (Metasploit) (2008-09-05)

📋 Vendor Advisories (2)

Red Hat: namazu XSS flaw
Red Hat: CVE-2008-5377: pstopdf in CUPS 1