Lucene search

MitreCVE-2008-1590

HistoryJul 14, 2008 - 6:41 p.m.

CVE-2008-1590

2008-07-1418:41:00

CWE-399

mitre

web.nvd.nist.gov

cve-2008-1590

javascriptcore

webkit

apple

iphone

ipod touch

remote attackers

arbitrary code

denial of service

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.781

Percentile

98.3%

JSON

JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch before 2.0 does not properly perform runtime garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger memory corruption, a different vulnerability than CVE-2008-2317.

Affected configurations

Nvd

Node

appleiphoneMatch1.0

appleiphoneMatch1.1.3

appleiphoneMatch1.1.4

appleiphoneMatch1.02

appleipod_touchMatch1.1

appleipod_touchMatch1.1.1

appleipod_touchMatch1.1.2

appleipod_touchMatch1.1.3

appleipod_touchMatch1.1.4

appleiphone_osMatch1.0.1

appleiphone_osMatch1.0.2

appleiphone_osMatch1.1.1

appleiphone_osMatch1.1.2

AND

webkitjavascriptcore

VendorProductVersionCPE
appleiphone1.0cpe:2.3:h:apple:iphone:1.0:*:*:*:*:*:*:*
appleiphone1.1.3cpe:2.3:h:apple:iphone:1.1.3:*:*:*:*:*:*:*
appleiphone1.1.4cpe:2.3:h:apple:iphone:1.1.4:*:*:*:*:*:*:*
appleiphone1.02cpe:2.3:h:apple:iphone:1.02:*:*:*:*:*:*:*
appleipod_touch1.1cpe:2.3:h:apple:ipod_touch:1.1:*:*:*:*:*:*:*
appleipod_touch1.1.1cpe:2.3:h:apple:ipod_touch:1.1.1:*:*:*:*:*:*:*
appleipod_touch1.1.2cpe:2.3:h:apple:ipod_touch:1.1.2:*:*:*:*:*:*:*
appleipod_touch1.1.3cpe:2.3:h:apple:ipod_touch:1.1.3:*:*:*:*:*:*:*
appleipod_touch1.1.4cpe:2.3:h:apple:ipod_touch:1.1.4:*:*:*:*:*:*:*
appleiphone_os1.0.1cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	iphone	1.0	cpe:2.3:h:apple:iphone:1.0:::::::*
apple	iphone	1.1.3	cpe:2.3:h:apple:iphone:1.1.3:::::::*
apple	iphone	1.1.4	cpe:2.3:h:apple:iphone:1.1.4:::::::*
apple	iphone	1.02	cpe:2.3:h:apple:iphone:1.02:::::::*
apple	ipod_touch	1.1	cpe:2.3:h:apple:ipod_touch:1.1:::::::*
apple	ipod_touch	1.1.1	cpe:2.3:h:apple:ipod_touch:1.1.1:::::::*
apple	ipod_touch	1.1.2	cpe:2.3:h:apple:ipod_touch:1.1.2:::::::*
apple	ipod_touch	1.1.3	cpe:2.3:h:apple:ipod_touch:1.1.3:::::::*
apple	ipod_touch	1.1.4	cpe:2.3:h:apple:ipod_touch:1.1.4:::::::*
apple	iphone_os	1.0.1	cpe:2.3:o:apple:iphone_os:1.0.1:::::::*