Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-5821Missing Release of Memory after Effective Lifetime in Apple Safari

CWE-3995 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
13.7%
top 5.72%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Apple Safari
Timeline
PublishedJan 2
Latest updateMay 17

Description

Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Windows Vista SP1, allows remote attackers to cause a denial of service (memory consumption and browser crash) via a long ALINK attribute in a BODY element in an HTML document.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapple/safari3.2

🔴Vulnerability Details

1
GHSA
GHSA-j9x2-w3ff-pqpp: Memory leak in WebKit2022-05-17

💥Exploits & PoCs

3
Exploit-DB
Apple Safari 4.0.5 (531.22.7) - Denial of Service2010-04-26
Exploit-DB
Apple Safari 3.2 WebKit - 'alink' Property Memory Leak Remote Denial of Service (2)2009-01-01
Exploit-DB
Apple Safari 3.2 WebKit - 'alink' Property Memory Leak Remote Denial of Service (1)2009-01-01