ID CVE-2008-2317
Summary WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a reference to the ownerNode property of a copied CSSStyleSheet object of a STYLE element, as originally demonstrated on Apple iPhone before 2.0 and iPod touch before 2.0, a different vulnerability than CVE-2008-1590.
References
Vulnerable Configurations
  • cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*
    cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:iphone:1.0:*:*:*:*:*:*:*
    cpe:2.3:h:apple:iphone:1.0:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:ipod_touch:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:h:apple:ipod_touch:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:iphone:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:h:apple:iphone:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:ipod_touch:1.1:*:*:*:*:*:*:*
    cpe:2.3:h:apple:ipod_touch:1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:ipod_touch:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:h:apple:ipod_touch:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:ipod_touch:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:h:apple:ipod_touch:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:iphone:1.1:*:*:*:*:*:*:*
    cpe:2.3:h:apple:iphone:1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
    cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 09-08-2022 - 13:46)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
apple
  • APPLE-SA-2008-07-11
  • APPLE-SA-2008-11-13
bid 30186
bugtraq 20080725 ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability
confirm http://support.apple.com/kb/HT3298
misc http://www.zerodayinitiative.com/advisories/ZDI-08-045/
secunia
  • 31074
  • 32706
vupen ADV-2008-2094
xf ipod-iphone-stylesheets-code-execution(43737)
Last major update 09-08-2022 - 13:46
Published 14-07-2008 - 18:41
Last modified 09-08-2022 - 13:46
Back to Top