Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1590

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-1590
Last Modified 07 Mar 2011 10:07:19
Published 14 Jul 2008 02:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1590

Summary

JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch before 2.0 does not properly perform runtime garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger memory corruption, a different vulnerability than CVE-2008-2317.

Vulnerable Systems

Application

  • Webkit Javascriptcore


References

XF - ipod-iphone-garbage-code-execution(43738)

VUPEN - ADV-2008-2094

BID - 30186

SECUNIA - 31074

APPLE - APPLE-SA-2008-07-11


Last Updated: 27 May 2016 10:47:36