CVE-2008-4593: Infoleak
First published: Fri Oct 17 2008(Updated: )
Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled and Show SMS Preview is disabled, allows physically proximate attackers to obtain sensitive information by performing an Emergency Call tap and then reading SMS messages on the device screen, aka Apple bug number 6267416.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPhone | =2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2008-4593?
CVE-2008-4593 is classified as a vulnerability that allows sensitive information leakage on affected devices.
How do I fix CVE-2008-4593?
To mitigate CVE-2008-4593, ensure that both the Require Passcode and Show SMS Preview settings are appropriately configured.
Who is affected by CVE-2008-4593?
CVE-2008-4593 affects users of the Apple iPhone running firmware 2.1.
What type of attack does CVE-2008-4593 allow?
CVE-2008-4593 allows physically proximate attackers to view SMS messages on the device without the user's consent.
What is the mechanism behind CVE-2008-4593?
CVE-2008-4593 exploits the Emergency Call feature, bypassing security settings to access SMS content.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/apple
- canonical/apple iphone
- version/apple iphone/2.1