CVE-2008-3632

 

Published at: - 11-09-2008 03:13

Last modified: - 09-08-2022 03:46

Total changes: - 2

Description

Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:C/I:C/A:C

 

Verification logic

 

Reference

• 31092-Patch
• APPLE-SA-2008-09-09-Patch, Vendor Advisory
• http://support.apple.com/kb/HT3129
• 31900-Vendor Advisory
• APPLE-SA-2008-09-12-Patch, Vendor Advisory
• 31823-Vendor Advisory
• 32099-Vendor Advisory
• 1020847-
• http://support.apple.com/kb/HT3026
• SUSE-SR:2008:019-
• ADV-2009-1522-Patch, Vendor Advisory
• 35379-Vendor Advisory
• http://support.apple.com/kb/HT3613
• APPLE-SA-2009-06-08-1-Patch, Vendor Advisory
• ADV-2008-2558-Vendor Advisory
• ADV-2008-2525-Vendor Advisory
• USN-676-1-
• 32860-

 

Keywords

NVD

 

CVE-2008-3632

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures