Vulnerability Name:

CVE-2008-3631 (CCN-45006)

Assigned:2008-09-09
Published:2008-09-09
Updated:2011-03-08
Summary:Application Sandbox in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, does not properly isolate third-party applications, which allows attackers to read arbitrary files in a third-party application's sandbox via a different third-party application.
Link to patched version (v2.1) - http://www.apple.com/ipodtouch/softwareupdate.html
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N)
5.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-264
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2008-3631

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-09-09

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-09-12

Source: CCN
Type: SA31823
Apple iPod Touch Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
31823

Source: CCN
Type: SA31900
Apple iPhone Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
31900

Source: CCN
Type: SECTRACK ID: 1020846
Apple iPod touch Lets Local Applications Access Data

Source: CCN
Type: Apple Web site
About the security content of iPod touch v2.1

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3026

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3129

Source: CCN
Type: OSVDB ID: 48043
Apple iPod Touch Application Sandbox Bypass Arbitrary File Access

Source: CCN
Type: BID-31089
GEAR Software CD DVD Filter Driver 'GEARAspiWDM.sys' Local Privilege Escalation Vulnerability

Source: BID
Type: UNKNOWN
31092

Source: CCN
Type: BID-31092
Apple iPod Touch/iPhone Prior to Version 2.1 Multiple Remote Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1020846

Source: VUPEN
Type: UNKNOWN
ADV-2008-2525

Source: VUPEN
Type: UNKNOWN
ADV-2008-2558

Source: XF
Type: UNKNOWN
apple-ipod-sandbox-info-disclosure(45006)

Vulnerable Configuration:Configuration 1:
  • cpe:/h:apple:ipod_touch:2.0:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:2.0.2:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/h:apple:ipod_touch:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:2.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:apple:iphone_os:1.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    apple ipod touch 2.0
    apple ipod touch 2.0.1
    apple ipod touch 2.0.2
    apple ipod touch 2.0.2
    apple ipod touch 2.0.1
    apple ipod touch 2.0
    apple iphone 1.0
    apple iphone 1.1.2
    apple iphone 1.1.3
    apple iphone 1.0.1
    apple iphone 1.1.1
    apple iphone 1.1.4
    apple iphone 2.0.2
    apple iphone 2.0
    apple iphone 2.0.1