CVE-2008-3950

2008-09-1623:00:01

CWE-189

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.1

Confidence

Low

EPSS

0.055

Percentile

93.4%

JSON

Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:measureOnly function in WebKit in Safari in Apple iPhone 1.1.4 and 2.0 and iPod touch 1.1.4 and 2.0 allows remote attackers to cause a denial of service (browser crash) via a JavaScript alert call with an argument that lacks breakable characters and has a length that is a multiple of the memory page size, leading to an out-of-bounds read.

Affected configurations

Nvd

Node

appleiphoneMatch1.1.4

appleiphoneMatch2.0

appleipod_touchMatch1.1.4

appleipod_touchMatch2.0

AND

applesafari

VendorProductVersionCPE
appleiphone1.1.4cpe:2.3:h:apple:iphone:1.1.4:*:*:*:*:*:*:*
appleiphone2.0cpe:2.3:h:apple:iphone:2.0:*:*:*:*:*:*:*
appleipod_touch1.1.4cpe:2.3:h:apple:ipod_touch:1.1.4:*:*:*:*:*:*:*
appleipod_touch2.0cpe:2.3:h:apple:ipod_touch:2.0:*:*:*:*:*:*:*
applesafari*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	iphone	1.1.4	cpe:2.3:h:apple:iphone:1.1.4:::::::*
apple	iphone	2.0	cpe:2.3:h:apple:iphone:2.0:::::::*
apple	ipod_touch	1.1.4	cpe:2.3:h:apple:ipod_touch:1.1.4:::::::*
apple	ipod_touch	2.0	cpe:2.3:h:apple:ipod_touch:2.0:::::::*
apple	safari	*	cpe:2.3:a:apple:safari::::::::