{"api_version":"1","generated_at":"2026-06-02T17:08:13+00:00","cve":"CVE-2008-3876","urls":{"html":"https://cve.report/CVE-2008-3876","api":"https://cve.report/api/cve/CVE-2008-3876.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2008-3876","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2008-3876"},"summary":{"title":"CVE-2008-3876","description":"Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an Emergency Call tap and a Home double-tap, followed by a tap of any contact's blue arrow.","state":"PUBLISHED","assigner":"mitre","published_at":"2008-09-02 14:24:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-264","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"1.9","severity":"","vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:N/A:N","baseScore":1.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://forums.macrumors.com/showpost.php?p=6121914&postcount=118","name":"http://forums.macrumors.com/showpost.php?p=6121914&postcount=118","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"MacRumors Forums - View Single Post -  Major Security Flaw in 2.0.2","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1020763","name":"http://securitytracker.com/id?1020763","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - Apple iPhone Password Locking Bug Lets Physically Local Users Bypass the Password to Access the Device","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://forums.macrumors.com/showthread.php?t=551617","name":"http://forums.macrumors.com/showthread.php?t=551617","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"],"title":"Major Security Flaw in 2.0.2 | MacRumors Forums","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2008-3876","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3876","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2008","cve_id":"3876","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"apple","cpe5":"iphone","cpe6":"2.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T09:53:00.399Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://forums.macrumors.com/showpost.php?p=6121914&postcount=118"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://forums.macrumors.com/showthread.php?t=551617"},{"name":"1020763","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1020763"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2008-08-26T00:00:00.000Z","descriptions":[{"lang":"en","value":"Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an Emergency Call tap and a Home double-tap, followed by a tap of any contact's blue arrow."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2008-09-17T09:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_MISC"],"url":"http://forums.macrumors.com/showpost.php?p=6121914&postcount=118"},{"tags":["x_refsource_MISC"],"url":"http://forums.macrumors.com/showthread.php?t=551617"},{"name":"1020763","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1020763"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2008-3876","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an Emergency Call tap and a Home double-tap, followed by a tap of any contact's blue arrow."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://forums.macrumors.com/showpost.php?p=6121914&postcount=118","refsource":"MISC","url":"http://forums.macrumors.com/showpost.php?p=6121914&postcount=118"},{"name":"http://forums.macrumors.com/showthread.php?t=551617","refsource":"MISC","url":"http://forums.macrumors.com/showthread.php?t=551617"},{"name":"1020763","refsource":"SECTRACK","url":"http://securitytracker.com/id?1020763"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2008-3876","datePublished":"2008-09-02T14:00:00.000Z","dateReserved":"2008-09-02T00:00:00.000Z","dateUpdated":"2024-08-07T09:53:00.399Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2008-09-02 14:24:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-264","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:N/A:N","baseScore":1.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.4,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:apple:iphone:2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"2B045BAF-EB4A-409F-97E7-1DB3E89ACD5D"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2008","CveId":"3876","Ordinal":"1","Title":"CVE-2008-3876","CVE":"CVE-2008-3876","Year":"2008"},"notes":[{"CveYear":"2008","CveId":"3876","Ordinal":"1","NoteData":"Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an Emergency Call tap and a Home double-tap, followed by a tap of any contact's blue arrow.","Type":"Description","Title":"CVE-2008-3876"},{"CveYear":"2008","CveId":"3876","Ordinal":"2","NoteData":"2008-09-02","Type":"Other","Title":"Published"},{"CveYear":"2008","CveId":"3876","Ordinal":"3","NoteData":"2008-09-17","Type":"Other","Title":"Modified"}]}}}