CVE-2008-1590
Severity Score
6.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch before 2.0 does not properly perform runtime garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger memory corruption, a different vulnerability than CVE-2008-2317.
JavaScriptCore en WebKit de Apple iPhone anterior a 2.0 e iPod touch anterior a 2.0, no realiza correctamente la recolección de basura en tiempo de ejecución, esto permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) mediante vectores no especificados que provocan una corrupción de memoria. Se trata de una vulnerabilidad diferente de CVE-2008-2317.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-03-31 CVE Reserved
- 2008-07-14 CVE Published
- 2024-07-20 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/31074 | Third Party Advisory | |
| http://www.securityfocus.com/bid/30186 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2008/2094/references | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/43738 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html | 2022-08-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Iphone Search vendor "Apple" for product "Iphone" | 1.0 Search vendor "Apple" for product "Iphone" and version "1.0" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Iphone Search vendor "Apple" for product "Iphone" | 1.1.3 Search vendor "Apple" for product "Iphone" and version "1.1.3" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Iphone Search vendor "Apple" for product "Iphone" | 1.1.4 Search vendor "Apple" for product "Iphone" and version "1.1.4" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Iphone Search vendor "Apple" for product "Iphone" | 1.02 Search vendor "Apple" for product "Iphone" and version "1.02" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Ipod Touch Search vendor "Apple" for product "Ipod Touch" | 1.1 Search vendor "Apple" for product "Ipod Touch" and version "1.1" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Ipod Touch Search vendor "Apple" for product "Ipod Touch" | 1.1.1 Search vendor "Apple" for product "Ipod Touch" and version "1.1.1" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Ipod Touch Search vendor "Apple" for product "Ipod Touch" | 1.1.2 Search vendor "Apple" for product "Ipod Touch" and version "1.1.2" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Ipod Touch Search vendor "Apple" for product "Ipod Touch" | 1.1.3 Search vendor "Apple" for product "Ipod Touch" and version "1.1.3" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Ipod Touch Search vendor "Apple" for product "Ipod Touch" | 1.1.4 Search vendor "Apple" for product "Ipod Touch" and version "1.1.4" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.0.1 Search vendor "Apple" for product "Iphone Os" and version "1.0.1" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.0.2 Search vendor "Apple" for product "Iphone Os" and version "1.0.2" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.1.1 Search vendor "Apple" for product "Iphone Os" and version "1.1.1" | - |
Safe
|
| Webkit Search vendor "Webkit" | Javascriptcore Search vendor "Webkit" for product "Javascriptcore" | * | - |
Affected
| in | Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.1.2 Search vendor "Apple" for product "Iphone Os" and version "1.1.2" | - |
Safe
|