cbcvebase.
CVE-2008-5282
published 2008-11-29

CVE-2008-5282: Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via (1) a link with a long HREF…

PriorityP357critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
17.64%
96.8th percentile
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via (1) a link with a long HREF attribute, and (2) a DIV tag with a long id attribute.

Affected

1 ranges
VendorProductVersion rangeFixed in
w3camaya_web_browser

Detection & IOCsextracted from sources · hover to see the quote

versionW3C Amaya Web Browser 10.0.1
  • Stack overflow triggered via a long HREF attribute in a link element (URL bar vector). Payload is delivered through the URL bar or via 'Create or change link...' dialog. Detect abnormally long HREF values in HTML content served to Amaya.
  • EIP overwrite return address used in both PoC exploits is 0x7D035F53 (\x53\x5f\x03\x7d). Presence of this 4-byte sequence at the EIP-overwrite offset in a payload targeting Amaya is a strong indicator of exploitation.
  • ·The PoC exploits target Amaya 10.1 while the CVE references 10.0.1; both versions are affected by the same overflow vectors.
  • ·The max usable byte value in shellcode is 0x1fffff due to the TtaWCToMBstring wchar_t conversion function; exploit shellcode must be crafted to stay within this constraint, limiting standard shellcode reuse.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.