CVE-2008-4231

Published: Nov 25, 2008Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.

Affected (14)

Products: Apple: Iphone Os, Safari

2 products

Configuration A

14 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Apple Iphone Os	Version 1.0.1
Apple Iphone Os	Version 1.0.2
Apple Iphone Os	Version 1.0
Apple Iphone Os	Version 1.1.1
Apple Iphone Os	Version 1.1.2
Apple Iphone Os	Version 1.1.3
Apple Iphone Os	Version 1.1.4
Apple Iphone Os	Version 1.1.5
Apple Iphone Os	Version 1.1
Apple Iphone Os	Version 2.0.1
Apple Iphone Os	Version 2.0.2
Apple Iphone Os	Version 2.0
Apple Iphone Os	Version 2.1
Apple Safari	All versions

Running on/with	Platform Versions
Apple Iphone Os	All versions
Apple Ipod Touch	All versions

Related CWEs

References (26)

http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html

Source: cve@mitre.org

Vendor Advisory

http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html

Source: cve@mitre.org

http://osvdb.org/50028

Source: cve@mitre.org

http://secunia.com/advisories/32756

Source: cve@mitre.org

http://secunia.com/advisories/35379

Source: cve@mitre.org

http://support.apple.com/kb/HT3318

Source: cve@mitre.org

Vendor Advisory

http://support.apple.com/kb/HT3613

Source: cve@mitre.org

http://www.fortiguardcenter.com/advisory/FGA-2009-23.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/504211/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/32394

Source: cve@mitre.org

http://www.securitytracker.com/id?1021272

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/3232

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/1522

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/50028

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32756

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35379

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT3318

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://support.apple.com/kb/HT3613

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.fortiguardcenter.com/advisory/FGA-2009-23.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/504211/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/32394

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1021272

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/3232

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/1522

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.