{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-11-20T00:00:00", "descriptions": [{"lang": "en", "value": "Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.fortiguardcenter.com/advisory/FGA-2009-23.html"}, {"name": "APPLE-SA-2009-06-08-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"}, {"name": "APPLE-SA-2008-11-20", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"}, {"name": "ADV-2009-1522", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1522"}, {"name": "ADV-2008-3232", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/3232"}, {"name": "35379", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35379"}, {"name": "20090610 FortiGuard Advisory: Apple Safari Remote Memory Corruption Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/504211/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT3318"}, {"name": "1021272", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021272"}, {"name": "50028", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/50028"}, {"name": "32394", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/32394"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT3613"}, {"name": "32756", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32756"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-4231", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.fortiguardcenter.com/advisory/FGA-2009-23.html", "refsource": "MISC", "url": "http://www.fortiguardcenter.com/advisory/FGA-2009-23.html"}, {"name": "APPLE-SA-2009-06-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"}, {"name": "APPLE-SA-2008-11-20", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"}, {"name": "ADV-2009-1522", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1522"}, {"name": "ADV-2008-3232", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/3232"}, {"name": "35379", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35379"}, {"name": "20090610 FortiGuard Advisory: Apple Safari Remote Memory Corruption Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/504211/100/0/threaded"}, {"name": "http://support.apple.com/kb/HT3318", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3318"}, {"name": "1021272", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021272"}, {"name": "50028", "refsource": "OSVDB", "url": "http://osvdb.org/50028"}, {"name": "32394", "refsource": "BID", "url": "http://www.securityfocus.com/bid/32394"}, {"name": "http://support.apple.com/kb/HT3613", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3613"}, {"name": "32756", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32756"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:08:34.963Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.fortiguardcenter.com/advisory/FGA-2009-23.html"}, {"name": "APPLE-SA-2009-06-08-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"}, {"name": "APPLE-SA-2008-11-20", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"}, {"name": "ADV-2009-1522", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/1522"}, {"name": "ADV-2008-3232", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/3232"}, {"name": "35379", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35379"}, {"name": "20090610 FortiGuard Advisory: Apple Safari Remote Memory Corruption Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/504211/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT3318"}, {"name": "1021272", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021272"}, {"name": "50028", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/50028"}, {"name": "32394", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/32394"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT3613"}, {"name": "32756", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32756"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-4231", "datePublished": "2008-11-25T23:00:00", "dateReserved": "2008-09-24T00:00:00", "dateUpdated": "2024-08-07T10:08:34.963Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*", "matchCriteriaId": "88FA2602-DDAB-4E23-A3D2-FB712970AAD1", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "340C4071-1447-477F-942A-8E09EA29F917", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE370CAA-04B3-434E-BD5B-1D87DE596C10", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "41DB23F0-7226-4D0B-A3FA-A801F02EBA6B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0C5B94E7-2C24-4913-B65E-8D8A0DE2B80B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E28FB0CB-D636-4F85-B5F7-70EC30053925", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B4AEDE82-E317-4066-A34F-BB3BCD3F53E2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "27319629-171F-42AA-A95F-2D71F78097D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "4F7AEFAB-7BB0-40D8-8BA5-71B374EB69DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "297F9438-0F04-4128-94A8-A504B600929E", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "F8618621-F871-4531-9F6C-7D60F2BF8B75", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "824DED2D-FA1D-46FC-8252-6E25546DAE29", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1641DDFA-3BF1-467F-8EC3-98114FF9F07B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D61644E2-7AF5-48EF-B3D5-59C7B2AD1A58", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D06D54D-97FD-49FD-B251-CC86FBA68CA6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "25A5D868-0016-44AB-80E6-E5DF91F15455", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document."}, {"lang": "es", "value": "Safari en Apple iPhone OS v1.0 hasta v2.1 e iPhone OS para iPod touch v1.1 hasta v2.1 no maneja adecuadamente los elementos HTML TABLE, esto permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un documento HTML manipulado."}], "id": "CVE-2008-4231", "lastModified": "2022-08-09T13:48:58.247", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-11-25T23:30:00.437", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/50028"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/32756"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/35379"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://support.apple.com/kb/HT3318"}, {"source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3613"}, {"source": "cve@mitre.org", "url": "http://www.fortiguardcenter.com/advisory/FGA-2009-23.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/504211/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/32394"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1021272"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/3232"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/1522"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}