CVE-2008-4231
First published: Tue Nov 25 2008(Updated: )
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPod touch | ||
| iStyle @cosme iPhone OS | ||
| Apple Mobile Safari | ||
| iStyle @cosme iPhone OS | =1.0 | |
| iStyle @cosme iPhone OS | =1.0.1 | |
| iStyle @cosme iPhone OS | =1.0.2 | |
| iStyle @cosme iPhone OS | =1.1 | |
| iStyle @cosme iPhone OS | =1.1.1 | |
| iStyle @cosme iPhone OS | =1.1.2 | |
| iStyle @cosme iPhone OS | =1.1.3 | |
| iStyle @cosme iPhone OS | =1.1.4 | |
| iStyle @cosme iPhone OS | =1.1.5 | |
| iStyle @cosme iPhone OS | =2.0 | |
| iStyle @cosme iPhone OS | =2.0.1 | |
| iStyle @cosme iPhone OS | =2.0.2 | |
| iStyle @cosme iPhone OS | =2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
- http://www.securityfocus.com/bid/32394
- http://support.apple.com/kb/HT3318
- http://www.securitytracker.com/id?1021272
- http://osvdb.org/50028
- http://secunia.com/advisories/32756
- http://support.apple.com/kb/HT3613
- http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
- http://www.vupen.com/english/advisories/2009/1522
- http://secunia.com/advisories/35379
- http://www.fortiguardcenter.com/advisory/FGA-2009-23.html
- http://www.vupen.com/english/advisories/2008/3232
- http://www.securityfocus.com/archive/1/504211/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2008-4231?
CVE-2008-4231 is considered a critical vulnerability that could allow remote code execution or cause a denial of service.
How do I fix CVE-2008-4231?
To mitigate CVE-2008-4231, users should update their Safari browser and iPhone OS to the latest version provided by Apple.
Which versions are affected by CVE-2008-4231?
CVE-2008-4231 affects Safari on Apple iPhone OS versions 1.0 through 2.1 and iPod touch 1.1 through 2.1.
What are the potential impacts of CVE-2008-4231?
CVE-2008-4231 can lead to arbitrary code execution or memory corruption, resulting in application crashes.
Is there a patch available for CVE-2008-4231?
Yes, Apple released patches for CVE-2008-4231 in subsequent updates to Safari and iPhone OS.
- collector/nvd-historical
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/apple
- canonical/apple ipod touch
- canonical/istyle @cosme iphone os
- canonical/apple mobile safari
- version/istyle @cosme iphone os/1.0
- version/istyle @cosme iphone os/1.0.1
- version/istyle @cosme iphone os/1.0.2
- version/istyle @cosme iphone os/1.1
- version/istyle @cosme iphone os/1.1.1
- version/istyle @cosme iphone os/1.1.2
- version/istyle @cosme iphone os/1.1.3
- version/istyle @cosme iphone os/1.1.4
- version/istyle @cosme iphone os/1.1.5
- version/istyle @cosme iphone os/2.0
- version/istyle @cosme iphone os/2.0.1
- version/istyle @cosme iphone os/2.0.2
- version/istyle @cosme iphone os/2.1