Sign-up

ID

VAR-200810-0115


CVE

CVE-2008-4593


TITLE

Apple iPhone of 5F136 Vulnerability to obtain important information in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2008-003547

DESCRIPTION

Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled and Show SMS Preview is disabled, allows physically proximate attackers to obtain sensitive information by performing an Emergency Call tap and then reading SMS messages on the device screen, aka Apple bug number 6267416. Iphone is prone to a information disclosure vulnerability. The vulnerability is also known as Apple bug number 6267416

Trust: 1.98

sources: NVD: CVE-2008-4593 // JVNDB: JVNDB-2008-003547 // BID: 84769 // VULHUB: VHN-34718

AFFECTED PRODUCTS

vendor:applemodel:iphonescope:eqversion:2.1

Trust: 2.7

sources: BID: 84769 // JVNDB: JVNDB-2008-003547 // CNNVD: CNNVD-200810-291 // NVD: CVE-2008-4593

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-4593
value: LOW

Trust: 1.0

NVD: CVE-2008-4593
value: LOW

Trust: 0.8

CNNVD: CNNVD-200810-291
value: LOW

Trust: 0.6

VULHUB: VHN-34718
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2008-4593
severity: LOW
baseScore: 1.2
vectorString: AV:L/AC:H/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-34718
severity: LOW
baseScore: 1.2
vectorString: AV:L/AC:H/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-34718 // JVNDB: JVNDB-2008-003547 // CNNVD: CNNVD-200810-291 // NVD: CVE-2008-4593

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-34718 // JVNDB: JVNDB-2008-003547 // NVD: CVE-2008-4593

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-200810-291

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-200810-291

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-003547

PATCH
title:Top Pageurl:http://www.apple.com/iphone/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2008-003547

EXTERNAL IDS
db:NVDid:CVE-2008-4593
Trust: 2.8
db:SECTRACKid:1021021
Trust: 2.0
db:XFid:46062
Trust: 0.9
db:JVNDBid:JVNDB-2008-003547
Trust: 0.8
db:CNNVDid:CNNVD-200810-291
Trust: 0.6
db:BIDid:84769
Trust: 0.4
db:VULHUBid:VHN-34718
Trust: 0.1
sources:
            
            
            VULHUB: VHN-34718 // 
            
            
            
            BID: 84769 // 
            
            
            
            JVNDB: JVNDB-2008-003547 // 
            
            
            
            CNNVD: CNNVD-200810-291 // 
            
            
            
            NVD: CVE-2008-4593

REFERENCES
url:http://www.karlkraft.com/index.php/2008/10/03/yet-another-iphone-emergency-call-security-bug/
Trust: 2.0
url:http://securitytracker.com/id?1021021
Trust: 2.0
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/46062
Trust: 1.1
url:http://xforce.iss.net/xforce/xfdb/46062
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4593
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4593
Trust: 0.8
sources:
            
            
            VULHUB: VHN-34718 // 
            
            
            
            BID: 84769 // 
            
            
            
            JVNDB: JVNDB-2008-003547 // 
            
            
            
            CNNVD: CNNVD-200810-291 // 
            
            
            
            NVD: CVE-2008-4593

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 84769

SOURCES
db:VULHUBid:VHN-34718
db:BIDid:84769
db:JVNDBid:JVNDB-2008-003547
db:CNNVDid:CNNVD-200810-291
db:NVDid:CVE-2008-4593

LAST UPDATE DATE
2025-04-10T23:18:56.544000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-34718date:2017-08-08T00:00:00
db:BIDid:84769date:2008-10-17T00:00:00
db:JVNDBid:JVNDB-2008-003547date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200810-291date:2008-10-29T00:00:00
db:NVDid:CVE-2008-4593date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-34718date:2008-10-17T00:00:00
db:BIDid:84769date:2008-10-17T00:00:00
db:JVNDBid:JVNDB-2008-003547date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200810-291date:2008-10-17T00:00:00
db:NVDid:CVE-2008-4593date:2008-10-17T20:33:55.957