Computer Security
[EN] securityvulns.ru no-pyccku


Apple iPhone Safari DoS
Published:14.09.2008
Source:
SecurityVulns ID:9286
Type:remote
Threat Level:
5/10
Description:Invalid memory read on JavaScript alert() function.
Affected:APPLE : iPhone 1.1
 APPLE : iPhone 2.0
 APPLE : iPod touch 1.1
 APPLE : iPod touch 2.0
CVE:CVE-2008-3950 (Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:measureOnly function in WebKit in Safari in Apple iPhone 1.1.4 and 2.0 and iPod touch 1.1.4 and 2.0 allows remote attackers to cause a denial of service (browser crash) via a JavaScript alert call with an argument that lacks breakable characters and has a length that is a multiple of the memory page size, leading to an out-of-bounds read.)
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2008-0126: iPhone Safari JavaScript alert Denial of Service (14.09.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod