Lucene search

[email protected]NVD:CVE-2008-1590

HistoryJul 14, 2008 - 6:41 p.m.

CVE-2008-1590

2008-07-1418:41:00

CWE-399

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.783 High

EPSS

Percentile

98.3%

JSON

JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch before 2.0 does not properly perform runtime garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger memory corruption, a different vulnerability than CVE-2008-2317.

Affected configurations

NVD

Node

appleiphoneMatch1.0

appleiphoneMatch1.1.3

appleiphoneMatch1.1.4

appleiphoneMatch1.02

appleipod_touchMatch1.1

appleipod_touchMatch1.1.1

appleipod_touchMatch1.1.2

appleipod_touchMatch1.1.3

appleipod_touchMatch1.1.4

appleiphone_osMatch1.0.1

appleiphone_osMatch1.0.2

appleiphone_osMatch1.1.1

appleiphone_osMatch1.1.2

AND

webkitjavascriptcore

References

lists.apple.com/archives/security-announce/2008//Jul/msg00001.html

secunia.com/advisories/31074

www.securityfocus.com/bid/30186

www.vupen.com/english/advisories/2008/2094/references

exchange.xforce.ibmcloud.com/vulnerabilities/43738

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.783 High

EPSS

Percentile

98.3%

JSON

Related for NVD:CVE-2008-1590

cvelist2 nvd1 cve2 prion2 zdi1 securityvulns2 seebug1 nessus3