CVE-2008-1589

EPSS 0.26%
Veröffentlicht 14.07.2008 18:41:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterprets a menu button press as user confirmation for visiting a web site with a (1) self-signed or (2) invalid certificate, which makes it easier for remote attackers to spoof web sites.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ Safari

   Apple ≫ Iphone Version1.0
   Apple ≫ Iphone Version1.1.3
   Apple ≫ Iphone Version1.1.4
   Apple ≫ Iphone Version1.02
   Apple ≫ Ipod Touch Version1.1
   Apple ≫ Ipod Touch Version1.1.1
   Apple ≫ Ipod Touch Version1.1.2
   Apple ≫ Ipod Touch Version1.1.3
   Apple ≫ Ipod Touch Version1.1.4
   Apple ≫ iPhone OS Version1.0.1
   Apple ≫ iPhone OS Version1.0.2
   Apple ≫ iPhone OS Version1.1.1
   Apple ≫ iPhone OS Version1.1.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.26%	0.461

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html

http://secunia.com/advisories/31074

http://www.vupen.com/english/advisories/2008/2094/references

http://www.securityfocus.com/bid/30186

http://jvn.jp/en/jp/JVN88676089/index.html

http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000039.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/43734

https://nvd.nist.gov/vuln/detail/CVE-2008-1589

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-1589

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-1589

EUVD