Lucene search

[email protected]CVE-2008-3876

HistorySep 02, 2008 - 2:24 p.m.

CVE-2008-3876

2008-09-0214:24:00

CWE-264

[email protected]

web.nvd.nist.gov

apple

iphone

cve-2008-3876

access restrictions

bypass

security vulnerability

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

36.0%

JSON

Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an Emergency Call tap and a Home double-tap, followed by a tap of any contact’s blue arrow.

Affected configurations

NVD

Node

appleiphoneMatch2.0.2

CPENameOperatorVersion
apple:iphoneapple iphoneeq2.0.2

CPE	Name	Operator	Version
apple:iphone	apple iphone	eq	2.0.2

References

forums.macrumors.com/showpost.php?p=6121914&postcount=118

forums.macrumors.com/showthread.php?t=551617

securitytracker.com/id?1020763

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

36.0%

JSON

Related for CVE-2008-3876

nvd1 cvelist1 prion1