CVE-2008-4231
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
| Software | From | Fixed in |
|---|---|---|
| apple / safari | - | - |
| apple / iphone_os | 1.0 | 1.0.x |
| apple / iphone_os | 1.0.1 | 1.0.1.x |
| apple / iphone_os | 1.0.2 | 1.0.2.x |
| apple / iphone_os | 1.1 | 1.1.x |
| apple / iphone_os | 1.1.1 | 1.1.1.x |
| apple / iphone_os | 1.1.2 | 1.1.2.x |
| apple / iphone_os | 1.1.3 | 1.1.3.x |
| apple / iphone_os | 1.1.4 | 1.1.4.x |
| apple / iphone_os | 1.1.5 | 1.1.5.x |
| apple / iphone_os | 2.0 | 2.0.x |
| apple / iphone_os | 2.0.1 | 2.0.1.x |
| apple / iphone_os | 2.0.2 | 2.0.2.x |
| apple / iphone_os | 2.1 | 2.1.x |
- http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
- http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
- http://osvdb.org/50028
- http://secunia.com/advisories/32756
- http://secunia.com/advisories/35379
- http://support.apple.com/kb/HT3318
- http://support.apple.com/kb/HT3613
- http://www.fortiguardcenter.com/advisory/FGA-2009-23.html
- http://www.securityfocus.com/archive/1/504211/100/0/threaded
- http://www.securityfocus.com/bid/32394
- http://www.securitytracker.com/id?1021272
- http://www.vupen.com/english/advisories/2008/3232
- http://www.vupen.com/english/advisories/2009/1522
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime