Sign-up

ID

VAR-200710-0029


CVE

CVE-2007-5450


TITLE

Apple iPod touch and iPhone of Safari Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-002781

DESCRIPTION

Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a denial of service (application crash), and enable filesystem browsing by the local user, via a certain TIFF file. Safari is prone to a denial-of-service vulnerability. The iPod touch (also known as iTouch) is an MP4 player released by Apple, and the iPhone is a smartphone released by it. There is a vulnerability in the Safari browser of iPod touch when processing malformed TIFF images. Attackers may use this vulnerability to control the user's system. If a user is tricked into viewing a specially crafted TIFF graphic using the Safari browser embedded in the above product, it may trigger a buffer overflow, resulting in denial of service or execution of arbitrary commands. ---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,700 different Windows applications. Request your account, the Secunia Network Software Inspector (NSI): http://secunia.com/network_software_inspector/ ---------------------------------------------------------------------- TITLE: Apple iPod touch / iPhone TIFF Image Processing Vulnerability SECUNIA ADVISORY ID: SA27213 VERIFY ADVISORY: http://secunia.com/advisories/27213/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Apple iPhone 1.x http://secunia.com/product/15128/ Apple iPod touch 1.x http://secunia.com/product/16074/ DESCRIPTION: A vulnerability has been reported in Apple iPod touch and Apple iPhone, which potentially can be exploited by malicious people to compromise a vulnerable device. The vulnerability is caused due to an error in the processing of TIFF images and can potentially be exploited to execute arbitrary code when a specially crafted TIFF image is viewed, e.g. in the Safari web browser. The vulnerability is reported in iPod touch version 1.1.1 and iPhone version 1.1.1. Other versions may also be affected. This may be related to: SA21304 SOLUTION: Do not browse untrusted web sites and do not open untrusted TIFF images. PROVIDED AND/OR DISCOVERED BY: Niacin ORIGINAL ADVISORY: http://www.toc2rta.com/?q=node/22 OTHER REFERENCES: SA21304: http://secunia.com/advisories/21304/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package. Successful exploitation allows crashing applications linked against libTIFF and may also allow execution of arbitrary code. PROVIDED AND/OR DISCOVERED BY: Tavis Ormandy, Google Security Team. For more information: SA21304 SOLUTION: Apply updated packages

Trust: 2.43

sources: NVD: CVE-2007-5450 // JVNDB: JVNDB-2007-002781 // BID: 85298 // VULHUB: VHN-28812 // PACKETSTORM: 60062 // PACKETSTORM: 48745 // PACKETSTORM: 48790 // PACKETSTORM: 48744 // PACKETSTORM: 48831

AFFECTED PRODUCTS

vendor:applemodel:iphonescope:eqversion:1.1.1

Trust: 1.4

vendor:applemodel:safariscope:eqversion:*

Trust: 1.0

vendor:applemodel:ipod touchscope: - version: -

Trust: 0.8

vendor:applemodel:safariscope: - version: -

Trust: 0.8

vendor:applemodel:ipod touchscope:eqversion:1.1.1

Trust: 0.6

vendor:applemodel:safari for windowsscope:eqversion:5.0.6

Trust: 0.3

sources: BID: 85298 // JVNDB: JVNDB-2007-002781 // CNNVD: CNNVD-200710-287 // NVD: CVE-2007-5450

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-5450
value: HIGH

Trust: 1.0

NVD: CVE-2007-5450
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200710-287
value: CRITICAL

Trust: 0.6

VULHUB: VHN-28812
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-5450
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-28812
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-28812 // JVNDB: JVNDB-2007-002781 // CNNVD: CNNVD-200710-287 // NVD: CVE-2007-5450

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-28812 // JVNDB: JVNDB-2007-002781 // NVD: CVE-2007-5450

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200710-287

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-200710-287

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-002781

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-28812

PATCH
title:Top Pageurl:http://www.apple.com/
Trust: 0.8
title:Apple Safari Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=203154
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2007-002781 // 
            
            
            
            CNNVD: CNNVD-200710-287

EXTERNAL IDS
db:NVDid:CVE-2007-5450
Trust: 2.8
db:EXPLOIT-DBid:4522
Trust: 2.0
db:SECUNIAid:27213
Trust: 1.8
db:VUPENid:ADV-2007-3485
Trust: 1.7
db:JVNDBid:JVNDB-2007-002781
Trust: 0.8
db:CNNVDid:CNNVD-200710-287
Trust: 0.6
db:BIDid:85298
Trust: 0.4
db:XFid:37186
Trust: 0.3
db:VULHUBid:VHN-28812
Trust: 0.1
db:PACKETSTORMid:60062
Trust: 0.1
db:SECUNIAid:21304
Trust: 0.1
db:PACKETSTORMid:48745
Trust: 0.1
db:SECUNIAid:21338
Trust: 0.1
db:PACKETSTORMid:48790
Trust: 0.1
db:SECUNIAid:21319
Trust: 0.1
db:PACKETSTORMid:48744
Trust: 0.1
db:SECUNIAid:21370
Trust: 0.1
db:PACKETSTORMid:48831
Trust: 0.1
sources:
            
            
            VULHUB: VHN-28812 // 
            
            
            
            BID: 85298 // 
            
            
            
            JVNDB: JVNDB-2007-002781 // 
            
            
            
            PACKETSTORM: 60062 // 
            
            
            
            PACKETSTORM: 48745 // 
            
            
            
            PACKETSTORM: 48790 // 
            
            
            
            PACKETSTORM: 48744 // 
            
            
            
            PACKETSTORM: 48831 // 
            
            
            
            CNNVD: CNNVD-200710-287 // 
            
            
            
            NVD: CVE-2007-5450

REFERENCES
url:http://www.toc2rta.com/?q=node/23
Trust: 2.0
url:https://www.exploit-db.com/exploits/4522
Trust: 1.7
url:http://secunia.com/advisories/27213
Trust: 1.7
url:http://www.vupen.com/english/advisories/2007/3485
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/37186
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5450
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5450
Trust: 0.8
url:http://secunia.com/secunia_security_advisories/
Trust: 0.5
url:http://secunia.com/about_secunia_advisories/
Trust: 0.5
url:http://secunia.com/advisories/21304/
Trust: 0.5
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.5
url:http://secunia.com/hardcore_disassembler_and_reverse_engineer/
Trust: 0.4
url:http://www.milw0rm.com/exploits/4522
Trust: 0.3
url:http://xforce.iss.net/xforce/xfdb/37186
Trust: 0.3
url:http://www.toc2rta.com/?q=node/22
Trust: 0.1
url:http://secunia.com/product/15128/
Trust: 0.1
url:http://secunia.com/network_software_inspector/
Trust: 0.1
url:http://secunia.com/advisories/27213/
Trust: 0.1
url:http://secunia.com/product/16074/
Trust: 0.1
url:http://rhn.redhat.com/errata/rhsa-2006-0603.html
Trust: 0.1
url:http://secunia.com/product/4053/
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.3-1ubuntu1.5_sparc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.2_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.3-1ubuntu1.5_powerpc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.3-1ubuntu1.5_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.2_powerpc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.3-1ubuntu1.5_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.2_amd64.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.2_amd64.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.2_sparc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.2_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.6.1-5ubuntu0.6_amd64.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.2_powerpc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.2.dsc
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.2.diff.gz
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.2_sparc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.2_amd64.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.3-1ubuntu1.5_powerpc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.3-1ubuntu1.5.diff.gz
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.2_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.3-1ubuntu1.5_i386.deb
Trust: 0.1
url:http://www.ubuntu.com/usn/usn-330-1
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.2_sparc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.6.1-5ubuntu0.6_powerpc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.6.1-5ubuntu0.6_powerpc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.6.1-5ubuntu0.6_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.3-1ubuntu1.5_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.3-1ubuntu1.5_powerpc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.3-1ubuntu1.5_sparc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.6.1-5ubuntu0.6_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.3-1ubuntu1.5_amd64.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.3-1ubuntu1.5_powerpc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.6.1.orig.tar.gz
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.2_powerpc.deb
Trust: 0.1
url:http://secunia.com/advisories/21338/
Trust: 0.1
url:http://secunia.com/product/5036/
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.6.1-5ubuntu0.6.diff.gz
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.2_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.3-1ubuntu1.5_amd64.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.3-1ubuntu1.5_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.6.1-5ubuntu0.6_amd64.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.3-1ubuntu1.5_amd64.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.3-1ubuntu1.5_sparc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.3-1ubuntu1.5_sparc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.3-1ubuntu1.5_amd64.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.6.1-5ubuntu0.6_powerpc.deb
Trust: 0.1
url:http://secunia.com/product/6606/
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.3.orig.tar.gz
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.2_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.2_powerpc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.2_sparc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.6.1-5ubuntu0.6_amd64.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.3-1ubuntu1.5_sparc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.2_amd64.deb
Trust: 0.1
url:http://secunia.com/product/10611/
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.2_sparc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.6.1-5ubuntu0.6.dsc
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.3-1ubuntu1.5_amd64.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.3-1ubuntu1.5.dsc
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.2_powerpc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.6.1-5ubuntu0.6_i386.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.3-1ubuntu1.5_powerpc.deb
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4.orig.tar.gz
Trust: 0.1
url:http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.2_amd64.deb
Trust: 0.1
url:http://lists.suse.com/archive/suse-security-announce/2006-aug/0001.html
Trust: 0.1
url:http://secunia.com/product/4258/
Trust: 0.1
url:http://secunia.com/product/1171/
Trust: 0.1
url:http://secunia.com/product/4933/
Trust: 0.1
url:http://secunia.com/product/2003/
Trust: 0.1
url:http://secunia.com/product/2002/
Trust: 0.1
url:http://secunia.com/product/10796/
Trust: 0.1
url:http://secunia.com/product/6221/
Trust: 0.1
url:http://secunia.com/advisories/21319/
Trust: 0.1
url:http://secunia.com/product/4118/
Trust: 0.1
url:http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml
Trust: 0.1
url:http://secunia.com/product/339/
Trust: 0.1
url:http://secunia.com/advisories/21370/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-28812 // 
            
            
            
            BID: 85298 // 
            
            
            
            JVNDB: JVNDB-2007-002781 // 
            
            
            
            PACKETSTORM: 60062 // 
            
            
            
            PACKETSTORM: 48745 // 
            
            
            
            PACKETSTORM: 48790 // 
            
            
            
            PACKETSTORM: 48744 // 
            
            
            
            PACKETSTORM: 48831 // 
            
            
            
            CNNVD: CNNVD-200710-287 // 
            
            
            
            NVD: CVE-2007-5450

CREDITS
Niacin
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200710-287

SOURCES
db:VULHUBid:VHN-28812
db:BIDid:85298
db:JVNDBid:JVNDB-2007-002781
db:PACKETSTORMid:60062
db:PACKETSTORMid:48745
db:PACKETSTORMid:48790
db:PACKETSTORMid:48744
db:PACKETSTORMid:48831
db:CNNVDid:CNNVD-200710-287
db:NVDid:CVE-2007-5450

LAST UPDATE DATE
2024-08-14T12:20:04.330000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-28812date:2017-09-29T00:00:00
db:BIDid:85298date:2007-10-14T00:00:00
db:JVNDBid:JVNDB-2007-002781date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200710-287date:2022-08-10T00:00:00
db:NVDid:CVE-2007-5450date:2022-08-09T13:46:58.897

SOURCES RELEASE DATE
db:VULHUBid:VHN-28812date:2007-10-14T00:00:00
db:BIDid:85298date:2007-10-14T00:00:00
db:JVNDBid:JVNDB-2007-002781date:2012-06-26T00:00:00
db:PACKETSTORMid:60062date:2007-10-13T00:30:02
db:PACKETSTORMid:48745date:2006-08-03T03:35:36
db:PACKETSTORMid:48790date:2006-08-10T00:40:54
db:PACKETSTORMid:48744date:2006-08-03T03:35:36
db:PACKETSTORMid:48831date:2006-08-10T00:40:54
db:CNNVDid:CNNVD-200710-287date:2007-10-14T00:00:00
db:NVDid:CVE-2007-5450date:2007-10-14T18:17:00