CVE-2008-0729

2008-02-1221:00:00

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.5

Confidence

Low

EPSS

0.974

Percentile

99.9%

JSON

Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-2006-3677. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd

Node

appleiphoneMatch1.1.3

appleiphone_osMatch1.1.2

AND

applemobile_safari

VendorProductVersionCPE
appleiphone1.1.3cpe:2.3:h:apple:iphone:1.1.3:*:*:*:*:*:*:*
appleiphone_os1.1.2cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
applemobile_safari*cpe:2.3:a:apple:mobile_safari:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	iphone	1.1.3	cpe:2.3:h:apple:iphone:1.1.3:::::::*
apple	iphone_os	1.1.2	cpe:2.3:o:apple:iphone_os:1.1.2:::::::*
apple	mobile_safari	*	cpe:2.3:a:apple:mobile_safari::::::::