Unrated severityNVD Advisory· Published Jul 14, 2008· Updated Jun 16, 2026
CVE-2008-1589
CVE-2008-1589
Description
Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterprets a menu button press as user confirmation for visiting a web site with a (1) self-signed or (2) invalid certificate, which makes it easier for remote attackers to spoof web sites.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
- (no CPE)range: <2.0
- Range: <2.0
- Range: <2.0
Patches
Vulnerability mechanics
References
7- jvn.jp/en/jp/JVN88676089/index.htmlnvd
- jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000039.htmlnvd
- lists.apple.com/archives/security-announce/2008//Jul/msg00001.htmlnvd
- secunia.com/advisories/31074nvd
- www.securityfocus.com/bid/30186nvd
- www.vupen.com/english/advisories/2008/2094/referencesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/43734nvd
News mentions
0No linked articles in our index yet.