7.1

CVE-2008-3631

Application Sandbox in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, does not properly isolate third-party applications, which allows attackers to read arbitrary files in a third-party application's sandbox via a different third-party application.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleIpod Touch Version2.0
AppleIpod Touch Version2.0.1
AppleIpod Touch Version2.0.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.91% 0.77
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 8.6 6.9
AV:N/AC:M/Au:N/C:C/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html
http://secunia.com/advisories/31823
http://secunia.com/advisories/31900
http://support.apple.com/kb/HT3026
http://support.apple.com/kb/HT3129
http://www.vupen.com/english/advisories/2008/2525
http://www.vupen.com/english/advisories/2008/2558
http://www.securityfocus.com/bid/31092
http://www.securitytracker.com/id?1020846