ID

VAR-200806-0425


CVE

CVE-2008-2307


TITLE

Apple Safari contains a memory corruption issue in the handling of JavaScript arrays by WebKit

Trust: 0.8

sources: CERT/CC: VU#361043

DESCRIPTION

Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors involving JavaScript arrays that trigger memory corruption. The Apple Webkit contains a memory corruption vulnerability.This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Apple Safari WebKit is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks when handling user-supplied input. Failed exploit attempts will result in a denial-of-service condition. Safari is the web browser bundled by default in the Apple family operating system. Safari's WebKit has a buffer overflow vulnerability when processing JavaScript arrays. If the user is tricked into visiting a malicious site, this overflow can be triggered, resulting in denial of service or execution of arbitrary instructions. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA15884 VERIFY ADVISORY: http://secunia.com/advisories/15884/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/ DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA15852 SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679 OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.51

sources: NVD: CVE-2008-2307 // CERT/CC: VU#361043 // CERT/CC: VU#442845 // JVNDB: JVNDB-2008-001468 // BID: 29836 // VULHUB: VHN-32432 // PACKETSTORM: 38390

AFFECTED PRODUCTS

vendor:applemodel:safariscope:eqversion:3.1

Trust: 1.3

vendor:applemodel:safariscope:eqversion:3.0.2

Trust: 1.0

vendor:applemodel:safariscope:eqversion:3.0

Trust: 1.0

vendor:applemodel:safariscope:eqversion:3.0.3

Trust: 1.0

vendor:applemodel:safariscope:lteversion:3.1.1

Trust: 1.0

vendor:applemodel:safariscope:eqversion:3.0.1

Trust: 1.0

vendor:applemodel:safariscope:eqversion:3.0.4

Trust: 1.0

vendor:apple computermodel: - scope: - version: -

Trust: 0.8

vendor:drupalmodel: - scope: - version: -

Trust: 0.8

vendor:gentoo linuxmodel: - scope: - version: -

Trust: 0.8

vendor:mandrivamodel: - scope: - version: -

Trust: 0.8

vendor:pear xml rpcmodel: - scope: - version: -

Trust: 0.8

vendor:phpxmlrpcmodel: - scope: - version: -

Trust: 0.8

vendor:postnukemodel: - scope: - version: -

Trust: 0.8

vendor:red hatmodel: - scope: - version: -

Trust: 0.8

vendor:serendipitymodel: - scope: - version: -

Trust: 0.8

vendor:trustix secure linuxmodel: - scope: - version: -

Trust: 0.8

vendor:ubuntu linuxmodel: - scope: - version: -

Trust: 0.8

vendor:wordpressmodel: - scope: - version: -

Trust: 0.8

vendor:xoopsmodel: - scope: - version: -

Trust: 0.8

vendor:phpmyfaqmodel: - scope: - version: -

Trust: 0.8

vendor:applemodel:mac os xscope:ltversion:10.5.4

Trust: 0.8

vendor:applemodel:mac os x serverscope:ltversion:10.5.4

Trust: 0.8

vendor:applemodel:iphonescope:ltversion:2.0

Trust: 0.8

vendor:applemodel:ipod touchscope:ltversion:2.0

Trust: 0.8

vendor:applemodel:safariscope:ltversion:for windows 3.1.2

Trust: 0.8

vendor:microsoftmodel:windows vistascope: - version: -

Trust: 0.6

vendor:microsoftmodel:windows xpscope: - version: -

Trust: 0.6

vendor:webkitmodel:open source project webkitscope:eqversion:0

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:3.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.1.1

Trust: 0.3

vendor:applemodel:safari beta for windowsscope:eqversion:3.0.4

Trust: 0.3

vendor:applemodel:safari beta for windowsscope:eqversion:3.0.3

Trust: 0.3

vendor:applemodel:safari betascope:eqversion:3.0.3

Trust: 0.3

vendor:applemodel:safari beta for windowsscope:eqversion:3.0.2

Trust: 0.3

vendor:applemodel:safari betascope:eqversion:3.0.2

Trust: 0.3

vendor:applemodel:safari beta for windowsscope:eqversion:3.0.1

Trust: 0.3

vendor:applemodel:safari betascope:eqversion:3.0.1

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:safari beta for windowsscope:eqversion:3

Trust: 0.3

vendor:applemodel:safari betascope:eqversion:3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.11

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.10

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.9

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.11

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.10

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:1.1.4

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:1.1.3

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:1.1.2

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:1.1.1

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:1.1

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:1.1.4

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:1.1.3

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:1.1.2

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:1.1.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:1.0.2

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:1.0.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:1.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.3

vendor:applemodel:safari for windowsscope:neversion:3.1.2

Trust: 0.3

vendor:applemodel:safariscope:neversion:3.1.2

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x10.5.4

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.5.4

Trust: 0.3

vendor:applemodel:ipod touchscope:neversion:2.0

Trust: 0.3

vendor:applemodel:iphonescope:neversion:2.0

Trust: 0.3

sources: CERT/CC: VU#361043 // CERT/CC: VU#442845 // BID: 29836 // JVNDB: JVNDB-2008-001468 // CNNVD: CNNVD-200806-302 // NVD: CVE-2008-2307

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-2307
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#361043
value: 10.33

Trust: 0.8

CARNEGIE MELLON: VU#442845
value: 20.75

Trust: 0.8

IPA: JVNDB-2008-001468
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200806-302
value: CRITICAL

Trust: 0.6

VULHUB: VHN-32432
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-2307
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2008-001468
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-32432
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#361043 // CERT/CC: VU#442845 // VULHUB: VHN-32432 // JVNDB: JVNDB-2008-001468 // CNNVD: CNNVD-200806-302 // NVD: CVE-2008-2307

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-noinfo

Trust: 0.8

sources: VULHUB: VHN-32432 // JVNDB: JVNDB-2008-001468 // NVD: CVE-2008-2307

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200806-302

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-200806-302

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-001468

PATCH

title:Security Update 2008-004url:http://support.apple.com/kb/HT2163

Trust: 0.8

title:Safari 3.1.2 for Mac OS X 10.4.11url:http://support.apple.com/kb/HT2165

Trust: 0.8

title:iPhone v2.0 and iPod touch v2.0url:http://support.apple.com/kb/HT2351

Trust: 0.8

title:Safari 3.1.2 for Windowsurl:http://support.apple.com/kb/HT2092

Trust: 0.8

title:iPhone v2.0 and iPod touch v2.0url:http://support.apple.com/kb/HT2351?viewlocale=ja_JP&locale=ja_JP

Trust: 0.8

sources: JVNDB: JVNDB-2008-001468

EXTERNAL IDS

db:CERT/CCid:VU#361043

Trust: 2.8

db:NVDid:CVE-2008-2307

Trust: 2.8

db:BIDid:29836

Trust: 2.8

db:SECUNIAid:31074

Trust: 1.7

db:SECUNIAid:30801

Trust: 1.7

db:SECUNIAid:30775

Trust: 1.7

db:SECUNIAid:30992

Trust: 1.7

db:SECTRACKid:1020330

Trust: 1.7

db:VUPENid:ADV-2008-2094

Trust: 1.7

db:VUPENid:ADV-2008-1980

Trust: 1.7

db:VUPENid:ADV-2008-1882

Trust: 1.7

db:VUPENid:ADV-2008-1981

Trust: 1.7

db:SECUNIAid:15884

Trust: 0.9

db:SECUNIAid:15810

Trust: 0.8

db:SECUNIAid:15922

Trust: 0.8

db:SECUNIAid:15852

Trust: 0.8

db:SECUNIAid:15855

Trust: 0.8

db:SECUNIAid:15861

Trust: 0.8

db:SECUNIAid:15862

Trust: 0.8

db:SECUNIAid:15872

Trust: 0.8

db:SECUNIAid:15883

Trust: 0.8

db:SECUNIAid:15895

Trust: 0.8

db:BIDid:14088

Trust: 0.8

db:SECTRACKid:1014327

Trust: 0.8

db:CERT/CCid:VU#442845

Trust: 0.8

db:JVNDBid:JVNDB-2008-001468

Trust: 0.8

db:CNNVDid:CNNVD-200806-302

Trust: 0.7

db:APPLEid:APPLE-SA-2008-07-11

Trust: 0.6

db:APPLEid:APPLE-SA-2008-06-30

Trust: 0.6

db:APPLEid:APPLE-SA-2008-06-19

Trust: 0.6

db:FEDORAid:FEDORA-2008-6220

Trust: 0.6

db:FEDORAid:FEDORA-2008-6186

Trust: 0.6

db:VULHUBid:VHN-32432

Trust: 0.1

db:PACKETSTORMid:38390

Trust: 0.1

sources: CERT/CC: VU#361043 // CERT/CC: VU#442845 // VULHUB: VHN-32432 // BID: 29836 // JVNDB: JVNDB-2008-001468 // PACKETSTORM: 38390 // CNNVD: CNNVD-200806-302 // NVD: CVE-2008-2307

REFERENCES

url:http://support.apple.com/kb/ht2165

Trust: 2.8

url:http://support.apple.com/kb/ht2163

Trust: 2.8

url:http://support.apple.com/kb/ht2092

Trust: 2.5

url:http://www.securityfocus.com/bid/29836

Trust: 2.5

url:http://www.kb.cert.org/vuls/id/361043

Trust: 2.0

url:http://lists.apple.com/archives/security-announce/2008//jun/msg00001.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2008//jun/msg00003.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2008//jul/msg00001.html

Trust: 1.7

url:https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00279.html

Trust: 1.7

url:https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00319.html

Trust: 1.7

url:http://www.securitytracker.com/id?1020330

Trust: 1.7

url:http://secunia.com/advisories/30775

Trust: 1.7

url:http://secunia.com/advisories/30801

Trust: 1.7

url:http://secunia.com/advisories/30992

Trust: 1.7

url:http://secunia.com/advisories/31074

Trust: 1.7

url:http://www.vupen.com/english/advisories/2008/1882/references

Trust: 1.1

url:http://www.vupen.com/english/advisories/2008/1980

Trust: 1.1

url:http://www.vupen.com/english/advisories/2008/1981/references

Trust: 1.1

url:http://www.vupen.com/english/advisories/2008/2094/references

Trust: 1.1

url:http://secunia.com/advisories/15884/

Trust: 0.9

url:http://secunia.com/advisories/15852/

Trust: 0.9

url:http://lists.apple.com/archives/security-announce/2008/jun/msg00001.html

Trust: 0.8

url:http://www.hardened-php.net/advisory-022005.php

Trust: 0.8

url:http://secunia.com/advisories/15861/

Trust: 0.8

url:http://secunia.com/advisories/15862/

Trust: 0.8

url:http://secunia.com/advisories/15895/

Trust: 0.8

url:http://secunia.com/advisories/15883/

Trust: 0.8

url:http://news.postnuke.com/modules.php?op=modload&name=news&file=article&sid=2699

Trust: 0.8

url:http://secunia.com/advisories/15855/

Trust: 0.8

url:http://secunia.com/advisories/15810/

Trust: 0.8

url:http://secunia.com/advisories/15872/

Trust: 0.8

url:http://secunia.com/advisories/15922/

Trust: 0.8

url:http://securitytracker.com/alerts/2005/jun/1014327.html

Trust: 0.8

url:http://www.gulftech.org/?node=research&article_id=00088-07022005

Trust: 0.8

url:http://www.gulftech.org/?node=research&article_id=00087-07012005

Trust: 0.8

url:http://www.securityfocus.com/bid/14088

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2307

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2307

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2008/2094/references

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2008/1981/references

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2008/1980

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2008/1882/references

Trust: 0.6

url:http://www.apple.com/safari/

Trust: 0.3

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/4577/

Trust: 0.1

url:http://secunia.com/secunia_vacancies/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://sourceforge.net/project/showfiles.php?group_id=36679

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: CERT/CC: VU#361043 // CERT/CC: VU#442845 // VULHUB: VHN-32432 // BID: 29836 // JVNDB: JVNDB-2008-001468 // PACKETSTORM: 38390 // CNNVD: CNNVD-200806-302 // NVD: CVE-2008-2307

CREDITS

James Urquhart

Trust: 0.9

sources: BID: 29836 // CNNVD: CNNVD-200806-302

SOURCES

db:CERT/CCid:VU#361043
db:CERT/CCid:VU#442845
db:VULHUBid:VHN-32432
db:BIDid:29836
db:JVNDBid:JVNDB-2008-001468
db:PACKETSTORMid:38390
db:CNNVDid:CNNVD-200806-302
db:NVDid:CVE-2008-2307

LAST UPDATE DATE

2024-11-27T21:54:30.774000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#361043date:2008-07-01T00:00:00
db:CERT/CCid:VU#442845date:2007-03-09T00:00:00
db:VULHUBid:VHN-32432date:2011-03-15T00:00:00
db:BIDid:29836date:2015-05-07T17:08:00
db:JVNDBid:JVNDB-2008-001468date:2008-07-29T00:00:00
db:CNNVDid:CNNVD-200806-302date:2008-09-10T00:00:00
db:NVDid:CVE-2008-2307date:2024-11-21T00:46:34.453

SOURCES RELEASE DATE

db:CERT/CCid:VU#361043date:2008-07-01T00:00:00
db:CERT/CCid:VU#442845date:2005-07-06T00:00:00
db:VULHUBid:VHN-32432date:2008-06-23T00:00:00
db:BIDid:29836date:2008-06-19T00:00:00
db:JVNDBid:JVNDB-2008-001468date:2008-07-11T00:00:00
db:PACKETSTORMid:38390date:2005-07-01T23:31:00
db:CNNVDid:CNNVD-200806-302date:2008-06-23T00:00:00
db:NVDid:CVE-2008-2307date:2008-06-23T20:41:00