CVE-2008-4593

Published Oct 17, 2008

Last updated 7 years ago

Overview

Description: Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled and Show SMS Preview is disabled, allows physically proximate attackers to obtain sensitive information by performing an Emergency Call tap and then reading SMS messages on the device screen, aka Apple bug number 6267416.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 1.2
Impact score: 2.9
Exploitability score: 1.9
Vector string: AV:L/AC:H/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:apple:iphone:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F35FC825-720E-4D9D-B512-EE49983A5433"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References