CVE-2008-3950
Last modified
CVE-2008-3950 is a vulnerability of currently unknown severity. Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:measureOnly function in WebKit in Safari in Apple iPhone 1.1.4 and 2.0 and iPod touch 1.1.4 and 2.0 allows remote attackers to cause a denial of service (browser crash) via a JavaScript alert call with an argument that lacks breakable characters and has a length that is a multiple of the memory page size, leading to an out-of-bounds read.. EPSS estimates a 7.08% chance of exploitation in the next 30 days.
Description
Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:measureOnly function in WebKit in Safari in Apple iPhone 1.1.4 and 2.0 and iPod touch 1.1.4 and 2.0 allows remote attackers to cause a denial of service (browser crash) via a JavaScript alert call with an argument that lacks breakable characters and has a length that is a multiple of the memory page size, leading to an out-of-bounds read.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Apple | Iphone | 1.1.4 |
| Apple | Iphone | 2.0 |
| Apple | Ipod Touch | 1.1.4 |
| Apple | Ipod Touch | 2.0 |
| Apple | Safari | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-3950?
How severe is CVE-2008-3950?
How do I fix CVE-2008-3950?
Are you affected by CVE-2008-3950?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST