CVE-2008-0894 - Apple Safari might allow remote attackers to obtain potentially sensitive memory contents or cause a

CVE-2008-0894

Summary

Apple Safari might allow remote attackers to obtain potentially sensitive memory contents or cause a denial of service (crash) via a crafted (1) bitmap (BMP) or (2) GIF file, a related issue to CVE-2008-0420.

References

http://securityreason.com/securityalert/3685
http://www.securityfocus.com/archive/1/488264/100/0/threaded
http://www.securityfocus.com/bid/27947
http://www.securitytracker.com/id?1019487
https://bugzilla.mozilla.org/show_bug.cgi?id=408076

Vulnerable Configurations

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 15-10-2018 - 22:03)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	27947
bugtraq	20080216 [HISPASEC] FireFox 2.0.0.11 and Opera 9.50 beta Remote Memory Information Leak, FireFox 2.0.0.11 Remote Denial of Service
misc	https://bugzilla.mozilla.org/show_bug.cgi?id=408076
sectrack	1019487
sreason	3685

Last major update

15-10-2018 - 22:03

Published

21-02-2008 - 21:44

Last modified

15-10-2018 - 22:03