CVE-2008-3631

CWE-2643 documents3 sources
Severity
7.1HIGH
EPSS
0.9%
top 25.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Ipod Touch
Timeline
PublishedSep 11
Latest updateMay 2

Description

Application Sandbox in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, does not properly isolate third-party applications, which allows attackers to read arbitrary files in a third-party application's sandbox via a different third-party application.

CVSS vector

AV:N/AC:M/C:C/I:N/A:NExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

NVDapple/ipod_touch2.0, 2.0.1, 2.0.2+2

🔴Vulnerability Details

2
GHSA
GHSA-vc9w-9m7m-hx2f: Application Sandbox in Apple iPod touch 22022-05-02
CVEList
CVE-2008-3631: Application Sandbox in Apple iPod touch 22008-09-10
CVE-2008-3631 (HIGH CVSS 7.1) | Application Sandbox in Apple iPod t | cvebase.io