CVE-2008-3632

Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements.

Affected Software

Name	Vendor	Start Version	End Version
Iphone	Apple	1.1 (including)	1.1 (including)
Iphone	Apple	1.1.3 (including)	1.1.3 (including)
Iphone	Apple	1.1.4 (including)	1.1.4 (including)
Iphone	Apple	2.0 (including)	2.0 (including)
Iphone	Apple	2.0.1 (including)	2.0.1 (including)
Iphone	Apple	2.0.2 (including)	2.0.2 (including)
Ipod_touch	Apple	1.1 (including)	1.1 (including)
Ipod_touch	Apple	1.1.1 (including)	1.1.1 (including)
Ipod_touch	Apple	1.1.2 (including)	1.1.2 (including)
Ipod_touch	Apple	1.1.3 (including)	1.1.3 (including)
Ipod_touch	Apple	1.1.4 (including)	1.1.4 (including)
Ipod_touch	Apple	2.0 (including)	2.0 (including)
Ipod_touch	Apple	2.0.1 (including)	2.0.1 (including)
Ipod_touch	Apple	2.0.2 (including)	2.0.2 (including)
Iphone_os	Apple	1.1.1 (including)	1.1.1 (including)
Iphone_os	Apple	1.1.2 (including)	1.1.2 (including)
Webkit	Ubuntu	gutsy	*
Webkit	Ubuntu	hardy	*
Webkit	Ubuntu	intrepid	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-3632
CWE	https://cwe.mitre.org/data/definitions/399.html

Affected Software

References