CVE-2008-0034
CVE-2008-0034 is a medium-severity vulnerability in Apple Iphone with a CVSS 2.0 base score of 4.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 4.6)
- EPSS exploit prediction: 0% (28th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Apple Iphone
- Published:
- Last modified:
Description
Unspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through 1.1.2 allows users with physical access to execute applications without entering the passcode via vectors related to emergency calls.
Frequently asked questions
- What is CVE-2008-0034?
- Unspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through 1.1.2 allows users with physical access to execute applications without entering the passcode via vectors related to emergency calls.
- How severe is CVE-2008-0034?
- CVE-2008-0034 has a CVSS 2.0 base score of 4.6, rated medium severity.
- Is CVE-2008-0034 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (28th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2008-0034?
- CVE-2008-0034 primarily affects Apple Iphone. In total, 6 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2008-0034?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2008-0034 published?
- CVE-2008-0034 was published on 2008-01-16 and last updated on 2026-06-16.
References
- http://docs.info.apple.com/article.html?artnum=307302
- http://lists.apple.com/archives/security-announce/2008/Jan/msg00000.html
- http://secunia.com/advisories/28497
- http://www.securityfocus.com/bid/27297
- http://www.securitytracker.com/id?1019219
- http://www.vupen.com/english/advisories/2008/0147
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39701
Affected products (6)
- cpe:2.3:h:apple:iphone:1.0:*:*:*:*:*:*:*
- cpe:2.3:h:apple:iphone:1.02:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
More vulnerabilities in Apple Iphone
- CVE-2008-3632 — Critical (CVSS 9.3): Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows…
- CVE-2007-3753 — High (CVSS 7.5): Apple iPhone 1.1.1, with Bluetooth enabled, allows physically proximate attackers to cause a denial of service…
- CVE-2022-22592 — Medium (CVSS 6.5): A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS…
- CVE-2008-3950 — Medium (CVSS 5.0): Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:measureOnly function in WebKit in Safari in Apple…
- CVE-2007-3754 — Medium (CVSS 4.3): Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted,…
- CVE-2007-3755 — Medium (CVSS 4.3): Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to force the iPhone user to make calls to arbitrary…