4.3

CVE-2008-1588

Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to spoof the address bar via Unicode ideographic spaces in the URL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleSafari
   AppleIphone Version1.0
   AppleIphone Version1.1.3
   AppleIphone Version1.1.4
   AppleIphone Version1.02
   AppleIpod Touch Version1.1
   AppleIpod Touch Version1.1.1
   AppleIpod Touch Version1.1.2
   AppleIpod Touch Version1.1.3
   AppleIpod Touch Version1.1.4
   AppleiPhone OS Version1.0.1
   AppleiPhone OS Version1.0.2
   AppleiPhone OS Version1.1.1
   AppleiPhone OS Version1.1.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.27% 0.808
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://secunia.com/advisories/31074
http://secunia.com/advisories/35379
http://support.apple.com/kb/HT3613
http://www.vupen.com/english/advisories/2008/2094/references
http://www.vupen.com/english/advisories/2009/1522
http://www.securityfocus.com/bid/30186
https://exchange.xforce.ibmcloud.com/vulnerabilities/43732