CVE-2008-3876
Severity Score
1.9
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an Emergency Call tap and a Home double-tap, followed by a tap of any contact's blue arrow.
Apple iPhone 2.0.2, en algunas configuraciones, permite a atacantes físicamente próximos, evitar las restricciones de acceso pretendidas y obtener información sensible o utilizar el dispositivo como quieran, accediendo a la llamada de emergencia, luego pulsando dos veces el botón Home y, a continuación, pulsando en la flecha azul de cualquier contacto.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-09-02 CVE Reserved
- 2008-09-02 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://forums.macrumors.com/showpost.php?p=6121914&postcount=118 | X_refsource_misc | |
| http://securitytracker.com/id?1020763 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://forums.macrumors.com/showthread.php?t=551617 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|