Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2008-3632

Published: 11/09/2008 Updated: 09/08/2022
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Apple

Vulnerability Summary

Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 up to and including 2.0.2, and iPhone 1.0 up to and including 2.0.2, allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements.

Vulnerable Product Search on Vulmon Subscribe to Product

apple iphone 2.0.1

apple iphone 2.0.2

apple iphone 2.0

apple ipod touch 1.1.2

apple iphone os 1.1.1

apple iphone 1.1.4

apple iphone 1.1.3

apple ipod touch 1.1

apple ipod touch 2.0.1

apple ipod touch 1.1.1

apple ipod touch 2.0

apple ipod touch 2.0.2

apple iphone 1.1

apple ipod touch 1.1.3

apple ipod touch 1.1.4

apple iphone os 1.1.2

Vendor Advisories

Ubuntu Security Notice: webkit vulnerability
It was discovered that WebKit did not properly handle Cascading Style Sheets (CSS) import statements If a user were tricked into opening a malicious website, an attacker could cause a browser crash and possibly execute arbitrary code with user privileges ...
Debian CVElist Bug Report Logs: webkit: several vulnerabilities (CVE-2008-3950 CVE-2008-3632)
Debian Bug report logs - #499771 webkit: several vulnerabilities (CVE-2008-3950 CVE-2008-3632) Package: webkit; Maintainer for webkit is (unknown); Reported by: Steffen Joeris <steffenjoeris@skolelinuxde> Date: Mon, 22 Sep 2008 07:57:01 UTC Severity: grave Tags: patch, security Fixed in version webkit/101-4 Done: Mik ...
Debian CVElist Bug Report Logs: webkit: deluge of security vulnerabilities
Debian Bug report logs - #535793 webkit: deluge of security vulnerabilities Package: webkit; Maintainer for webkit is (unknown); Reported by: Michael S Gilbert <michaelsgilbert@gmailcom> Date: Sun, 5 Jul 2009 05:18:04 UTC Severity: grave Tags: fixed-upstream, security Found in version 101-4 Fixed in version 1121-1 ...

References

CWE-399http://www.securityfocus.com/bid/31092http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.htmlhttp://support.apple.com/kb/HT3129http://secunia.com/advisories/31900http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.htmlhttp://secunia.com/advisories/31823http://secunia.com/advisories/32099http://www.securitytracker.com/id?1020847http://support.apple.com/kb/HT3026http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.htmlhttp://www.vupen.com/english/advisories/2009/1522http://secunia.com/advisories/35379http://support.apple.com/kb/HT3613http://lists.apple.com/archives/security-announce/2009/jun/msg00002.htmlhttp://www.vupen.com/english/advisories/2008/2558http://www.vupen.com/english/advisories/2008/2525http://www.ubuntu.com/usn/USN-676-1http://secunia.com/advisories/32860https://usn.ubuntu.com/676-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook