CVE-2008-3623Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Safari

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer2 documents2 sources
Severity
9.3CRITICALNVD
EPSS
19.0%
top 4.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Safari
Timeline
PublishedNov 17
Latest updateMay 2

Description

Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 on Windows, in iPhone OS 1.0 through 2.2.1, and in iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image, related to improper handling of color spaces.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDapple/safari3.1.2+33

🔴Vulnerability Details

1
GHSA
GHSA-3gcp-2ghh-2fp8: Heap-based buffer overflow in CoreGraphics in Apple Safari before 32022-05-02