Lucene search

[email protected]CVE-2010-1757

HistoryJun 22, 2010 - 8:30 p.m.

CVE-2010-1757

2010-06-2220:30:01

CWE-264

[email protected]

web.nvd.nist.gov

cve-2010-1757

webkit

apple ios

boundary restrictions

ui spoofing

crafted html document

nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

7.2 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.5%

JSON

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document.

Affected configurations

NVD

Node

appleiphone_osRange<4.0

AND

appleipod_touchMatch-

appleiphone_osMatch-

CPENameOperatorVersion
apple:iphone_osapple iphone oslt4.0

CPE	Name	Operator	Version
apple:iphone_os	apple iphone os	lt	4.0

References

lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

lists.apple.com/archives/security-announce/2010/Jun/msg00003.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

secunia.com/advisories/42314

secunia.com/advisories/43068

support.apple.com/kb/HT4225

support.apple.com/kb/HT4456

www.securityfocus.com/bid/41016

www.securityfocus.com/bid/41068

www.vupen.com/english/advisories/2011/0212

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

7.2 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.5%

JSON

Related for CVE-2010-1757

nvd1 ubuntucve1 cvelist1 prion1 nessus2