9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
High
0.058 Low
EPSS
Percentile
93.4%
Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements.
lists.apple.com/archives/security-announce//2008/Sep/msg00003.html
lists.apple.com/archives/security-announce//2008/Sep/msg00004.html
lists.apple.com/archives/security-announce/2009/jun/msg00002.html
lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
secunia.com/advisories/31823
secunia.com/advisories/31900
secunia.com/advisories/32099
secunia.com/advisories/32860
secunia.com/advisories/35379
support.apple.com/kb/HT3026
support.apple.com/kb/HT3129
support.apple.com/kb/HT3613
www.securityfocus.com/bid/31092
www.securitytracker.com/id?1020847
www.ubuntu.com/usn/USN-676-1
www.vupen.com/english/advisories/2008/2525
www.vupen.com/english/advisories/2008/2558
www.vupen.com/english/advisories/2009/1522