Lucene search

[email protected]NVD:CVE-2008-3623

HistoryNov 17, 2008 - 6:18 p.m.

CVE-2008-3623

2008-11-1718:18:47

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

0.071

Percentile

94.2%

JSON

Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 on Windows, in iPhone OS 1.0 through 2.2.1, and in iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image, related to improper handling of color spaces.

Affected configurations

Nvd

Node

microsoftwindowsMatchxp

microsoftwindows_vistaMatch-

AND

applesafariwindows

applesafariRange≤3.1.2

applesafariMatch0.8

applesafariMatch0.9

applesafariMatch1.0

applesafariMatch1.0beta

applesafariMatch1.0beta2

applesafariMatch1.0.3

applesafariMatch1.1

applesafariMatch1.1.1

applesafariMatch1.2

applesafariMatch1.2.1

applesafariMatch1.2.2

applesafariMatch1.2.3

applesafariMatch1.2.4

applesafariMatch1.2.5

applesafariMatch1.3

applesafariMatch1.3.1

applesafariMatch1.3.2

applesafariMatch2

applesafariMatch2.0

applesafariMatch2.0.1

applesafariMatch2.0.2

applesafariMatch2.0.3

applesafariMatch2.0.3_417.9.3

applesafariMatch2.0.4

applesafariMatch2.0.4_419.3

applesafariMatch2.0_pre

applesafariMatch3

applesafariMatch3.0

applesafariMatch3.0windows

applesafariMatch3.0.1

applesafariMatch3.0.1windows

applesafariMatch3.0.2

applesafariMatch3.0.2windows

applesafariMatch3.0.3

applesafariMatch3.0.3windows

applesafariMatch3.0.3522.15.5

applesafariMatch3.0.4

applesafariMatch3.0.4_beta

applesafariMatch3.0.4_betawindows

applesafariMatch3.1

applesafariMatch3.1.1

VendorProductVersionCPE
microsoftwindowsxpcpe:2.3:o:microsoft:windows:xp:*:*:*:*:*:*:*
microsoftwindows_vista-cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*
applesafari*cpe:2.3:a:apple:safari:*:*:windows:*:*:*:*:*
applesafari*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
applesafari0.8cpe:2.3:a:apple:safari:0.8:*:*:*:*:*:*:*
applesafari0.9cpe:2.3:a:apple:safari:0.9:*:*:*:*:*:*:*
applesafari1.0cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*
applesafari1.0cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*
applesafari1.0cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*
applesafari1.0.3cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows	xp	cpe:2.3:o:microsoft:windows:xp:::::::*
microsoft	windows_vista	-	cpe:2.3:o:microsoft:windows_vista:-:::::::*
apple	safari	*	cpe:2.3:a:apple:safari:::windows:::::*
apple	safari	*	cpe:2.3:a:apple:safari::::::::
apple	safari	0.8	cpe:2.3:a:apple:safari:0.8:::::::*
apple	safari	0.9	cpe:2.3:a:apple:safari:0.9:::::::*
apple	safari	1.0	cpe:2.3:a:apple:safari:1.0:::::::*
apple	safari	1.0	cpe:2.3:a:apple:safari:1.0:beta::::::
apple	safari	1.0	cpe:2.3:a:apple:safari:1.0:beta2::::::
apple	safari	1.0.3	cpe:2.3:a:apple:safari:1.0.3:::::::*