Lucene search

AppleCVE-2010-1753

HistoryJun 22, 2010 - 8:30 p.m.

CVE-2010-1753

2010-06-2220:30:01

CWE-119

apple

web.nvd.nist.gov

imageio

apple

ios

cve-2010-1753

iphone

ipod touch

remote code execution

memory corruption

application crash

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.008

Percentile

81.6%

JSON

ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image.

Affected configurations

Nvd

Node

appleiphone_osRange<4.0

AND

appleipod_touchMatch-

appleiphone_osMatch-

VendorProductVersionCPE
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
appleipod_touch-cpe:2.3:h:apple:ipod_touch:-:*:*:*:*:*:*:*
appleiphone_os-cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	iphone_os	*	cpe:2.3:o:apple:iphone_os::::::::
apple	ipod_touch	-	cpe:2.3:h:apple:ipod_touch:-:::::::*
apple	iphone_os	-	cpe:2.3:o:apple:iphone_os:-:::::::*

References

lists.apple.com/archives/security-announce/2010/Jun/msg00003.html

support.apple.com/kb/HT4225

www.securityfocus.com/bid/41016

exchange.xforce.ibmcloud.com/vulnerabilities/59632

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.008

Percentile

81.6%

JSON

Related for CVE-2010-1753