CVE-2008-3950

Published: 16/09/2008 Updated: 11/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:measureOnly function in WebKit in Safari in Apple iPhone 1.1.4 and 2.0 and iPod touch 1.1.4 and 2.0 allows remote malicious users to cause a denial of service (browser crash) via a JavaScript alert call with an argument that lacks breakable characters and has a length that is a multiple of the memory page size, leading to an out-of-bounds read.

Vulnerable Product

apple ipod_touch 2.0

apple ipod_touch 1.1.4

apple iphone 2.0

apple iphone 1.1.4

apple safari

Vendor Advisories

Debian Bug report logs - #499771
webkit: several vulnerabilities (CVE-2008-3950 CVE-2008-3632)
Package: webkit; Maintainer for webkit is (unknown)
Reported by: Steffen Joeris <steffenjoeris@skolelinuxde>
Date: Mon, 22 Sep 2008 07:57:01 UTC
Severity: grave
Tags: patch, security
Fixed in version webkit/101-4
Done: Mik ...

Exploits

source: www.securityfocus.com/bid/31061/info

Apple iPhone and iPod touch are prone to a remote denial-of-service vulnerability that occurs in the WebKit library used by the Safari browser. Remote attackers can exploit this issue to crash the affected browser installed on the devices, denying service to legitimate users. The following devi ...