Lucene search

AppleCVE-2010-1817

HistorySep 09, 2010 - 10:00 p.m.

CVE-2010-1817

2010-09-0922:00:01

CWE-119

apple

web.nvd.nist.gov

cve-2010-1817

buffer overflow

imageio

apple ios

iphone

ipod touch

remote attackers

arbitrary code

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.008

Percentile

81.5%

JSON

Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

Affected configurations

Nvd

Node

appleiphone_osRange<4.1

AND

appleipod_touchMatch-

appleiphone_osMatch-

VendorProductVersionCPE
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
appleipod_touch-cpe:2.3:h:apple:ipod_touch:-:*:*:*:*:*:*:*
appleiphone_os-cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	iphone_os	*	cpe:2.3:o:apple:iphone_os::::::::
apple	ipod_touch	-	cpe:2.3:h:apple:ipod_touch:-:::::::*
apple	iphone_os	-	cpe:2.3:o:apple:iphone_os:-:::::::*

References

lists.apple.com/archives/security-announce/2010//Sep/msg00002.html

support.apple.com/kb/HT4334

exchange.xforce.ibmcloud.com/vulnerabilities/61697

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.008

Percentile

81.5%

JSON

Related for CVE-2010-1817