CVE Reference: CVE-2008-3632

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2008-3632

Description:
Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements.

CVE Status:
Candidate

References:

UBUNTU
  http://www.ubuntu.com/usn/USN-676-1

SUSE
  http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html

ST
  1020847

SAID
  Secunia Advisory: SA35379
  Secunia Advisory: SA32860
  Secunia Advisory: SA31900
  Secunia Advisory: SA31823
  Secunia Advisory: SA32099

CONFIRM
  http://support.apple.com/kb/HT3613
  http://support.apple.com/kb/HT3026
  http://support.apple.com/kb/HT3129

BID
  31092

APPLE
  http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
  http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html
  http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html


Return to the previous page.