CVE-2008-3950

2008-09-1623:00:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2008-3950

webkit

safari

apple iphone

ipod touch

out-of-bounds read

denial of service

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.061 Low

EPSS

Percentile

93.5%

JSON

Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:measureOnly function in WebKit in Safari in Apple iPhone 1.1.4 and 2.0 and iPod touch 1.1.4 and 2.0 allows remote attackers to cause a denial of service (browser crash) via a JavaScript alert call with an argument that lacks breakable characters and has a length that is a multiple of the memory page size, leading to an out-of-bounds read.

CPENameOperatorVersion
apple:iphoneapple iphoneeq1.1.4
apple:iphoneapple iphoneeq2.0
apple:ipod_touchapple ipod toucheq1.1.4
apple:ipod_touchapple ipod toucheq2.0
apple:safariapple safarieq*

CPE	Name	Operator	Version
apple:iphone	apple iphone	eq	1.1.4
apple:iphone	apple iphone	eq	2.0
apple:ipod_touch	apple ipod touch	eq	1.1.4
apple:ipod_touch	apple ipod touch	eq	2.0
apple:safari	apple safari	eq	*