Vulnerability Details : CVE-2008-1024
Apple Safari before 3.1.1, when running on Windows XP or Vista, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file download with a crafted file name, which triggers memory corruption.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2008-1024
- cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*When used together with: Microsoft » Windows VistaWhen used together with: Microsoft » Windows Xp
- cpe:2.3:a:apple:safari:3.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows VistaWhen used together with: Microsoft » Windows Xp
Exploit prediction scoring system (EPSS) score for CVE-2008-1024
2.58%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-1024
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2008-1024
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-1024
-
http://lists.apple.com/archives/security-announce/2008/Apr/msg00001.html
-
http://www.kb.cert.org/vuls/id/529441
US Government Resource
-
http://www.securitytracker.com/id?1019868
-
http://www.securityfocus.com/bid/28813
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/41864
-
http://support.apple.com/kb/HT1467
-
http://www.vupen.com/english/advisories/2008/0979/references
Jump to