Lucene search
MitreCVE-2008-1024HistoryApr 17, 2008 - 7:05 p.m.
CVE-2008-1024
2008-04-1719:05:00
CWE-399
mitre
web.nvd.nist.gov
30
apple
safari
vulnerability
windows
xp
vista
nvd
cve-2008-1024
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
High
EPSS
0.03
Percentile
91.0%
Apple Safari before 3.1.1, when running on Windows XP or Vista, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file download with a crafted file name, which triggers memory corruption.
Affected configurations
Node
microsoftwindows_vista
ORmicrosoftwindows_xp
applesafariMatch3
ORapplesafariMatch3.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_vista | * | cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:* |
| microsoft | windows_xp | * | cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:* |
| apple | safari | 3 | cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:* |
| apple | safari | 3.1 | cpe:2.3:a:apple:safari:3.1:*:*:*:*:*:*:* |
References
Related
prion
prion
Memory corruption
2008-04-17 19:05:00
cert
cert
Apple Safari fails to properly handle a file name
2008-04-18 00:00:00
nvd
nvd
CVE-2008-1024
2008-04-17 19:05:00
cvelist
cvelist
CVE-2008-1024
2008-04-17 17:00:00
seebug
seebug
Apple Safari 3.1.1版本修复多个安全漏洞
2008-04-18 00:00:00
nessus
nessus
Safari < 3.1.1 Multiple Vulnerabilities
2008-04-18 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
High
EPSS
0.03
Percentile
91.0%
Related for CVE-2008-1024