NVD

Id
2238  
Name
CVE-2008-2317  
Description
WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a reference to the ownerNode property of a copied CSSStyleSheet object of a STYLE element, as originally demonstrated on Apple iPhone before 2.0 and iPod touch before 2.0, a different vulnerability than CVE-2008-1590.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2008-07-14  
Modified Date
2012-10-30  
Seq
2008-2317  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
14241 2238 CVE-2008-2317 APPLE-SA-2008-11-13  View
14242 2238 CVE-2008-2317 APPLE-SA-2008-07-11  View
14243 2238 CVE-2008-2317 http://support.apple.com/kb/HT3298  View
14244 2238 CVE-2008-2317 20080725 ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability  View
14245 2238 CVE-2008-2317 30186  View
14246 2238 CVE-2008-2317 ADV-2008-2094  View
14247 2238 CVE-2008-2317 http://www.zerodayinitiative.com/advisories/ZDI-08-045/  View
14248 2238 CVE-2008-2317 ipod-iphone-stylesheets-code-execution(43737)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
46212 JVNDB-2008-001522 Apple iPhone/iPod touch の Safari の WebCore におけるメモリ破壊の脆弱性 Apple iPhone および iPod touch の Safari には WebCore において、スタイルシート要素の取り扱いに不備があり、メモリ破壊の脆弱性が存在します。 CVE-2008-2317 32430 CVE-2008-2317 2238 9.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001522.html 2008-07-14 2008-12-05 View