CVE-2008-4231

Sažetak

Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.

Reference

http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
http://www.securityfocus.com/bid/32394
http://support.apple.com/kb/HT3318
http://www.securitytracker.com/id?1021272
http://osvdb.org/50028
http://secunia.com/advisories/32756
http://support.apple.com/kb/HT3613
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://www.vupen.com/english/advisories/2009/1522
http://secunia.com/advisories/35379
http://www.fortiguardcenter.com/advisory/FGA-2009-23.html
http://www.vupen.com/english/advisories/2008/3232
http://www.securityfocus.com/archive/1/504211/100/0/threaded

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

09-08-2022 - 13:48

Objavljeno

25-11-2008 - 23:30