Unrated severityNVD Advisory· Published Jul 14, 2008· Updated Jun 16, 2026
CVE-2008-2303
CVE-2008-2303
Description
Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript array indices that trigger an out-of-bounds access, a different vulnerability than CVE-2008-2307.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
- (no CPE)range: <2.0
- Range: <2.0
- Range: <2.0
Patches
Vulnerability mechanics
References
8- lists.apple.com/archives/security-announce//2008/Nov/msg00001.htmlnvd
- lists.apple.com/archives/security-announce/2008//Jul/msg00001.htmlnvd
- secunia.com/advisories/31074nvd
- secunia.com/advisories/32706nvd
- support.apple.com/kb/HT3298nvd
- www.securityfocus.com/bid/30186nvd
- www.vupen.com/english/advisories/2008/2094/referencesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/43736nvd
News mentions
0No linked articles in our index yet.