Lucene search

[email protected]CVE-2008-2001

HistoryApr 28, 2008 - 8:05 p.m.

CVE-2008-2001

2008-04-2820:05:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-2001

apple safari

denial of service

application crash

security vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.177

Percentile

96.2%

JSON

Apple Safari 3.1.1 allows remote attackers to cause a denial of service (application crash) via a file:///%E2 link that triggers an out-of-bounds access, possibly due to a NULL pointer dereference.

Affected configurations

NVD

Node

applesafariMatch3.1.1

VendorProductVersionCPE
applesafari3.1.1cpe:/a:apple:safari:3.1.1:::

Vendor	Product	Version	CPE
apple	safari	3.1.1	cpe:/a:apple:safari:3.1.1:::

References

es.geocities.com/jplopezy/pruebasafari3.html

securityreason.com/securityalert/3833

www.securityfocus.com/archive/1/491192/100/0/threaded

www.vupen.com/english/advisories/2008/1347

exchange.xforce.ibmcloud.com/vulnerabilities/41984

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.177

Percentile

96.2%

JSON

Related for CVE-2008-2001

nvd1 prion1 checkpoint_advisories1 cvelist1