Sign-up

ID

VAR-201006-0312


CVE

CVE-2010-1752


TITLE

Apple iOS of CFNetwork Vulnerable to stack-based buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2010-001675

DESCRIPTION

Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. Apple iOS for iPhone and iPod touch is prone to multiple security vulnerabilities, including information-disclosure, remote code-execution, denial-of-service, security-bypass, and spoofing issues. These issues affect the Sandbox, CFNetwork, ImageIO, Passcode Lock, Safari, Settings, and WebKit components. Successfully exploiting these issues may allow attackers to crash the affected device, bypass security restrictions, obtain sensitive information, or execute arbitrary code. Other attacks are also possible. Versions prior to iOS 4 are vulnerable. This BID is being retired. Apple iOS and Mac OS X are prone to a stack-based buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed exploit attempts will likely result in denial-of-service conditions. Apple iOS is an operating system developed by Apple Inc. for the iPhone. It is mainly used for iPhone, iPod touch and iPad

Trust: 2.25

sources: NVD: CVE-2010-1752 // JVNDB: JVNDB-2010-001675 // BID: 41016 // BID: 41049 // VULHUB: VHN-44357

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:4.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.6 to v10.6.4

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6 to v10.6.4

Trust: 0.8

vendor:applemodel:iosscope:eqversion:2.0 to 3.1.3

Trust: 0.8

vendor:applemodel:ios for ipod touchscope:eqversion:2.1 to 3.1.3

Trust: 0.8

vendor:applemodel:iphonescope: - version: -

Trust: 0.8

vendor:applemodel:ipod touchscope: - version: -

Trust: 0.8

vendor:applemodel:ipod touchscope:eqversion:3.1.3

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:3.1.2

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:3.1.1

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.2.1

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.0.2

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.0.1

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:3.0

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.2

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.1

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.0

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:3.1.3

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:3.1.2

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:3.0.1

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.2.1

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.0.2

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.0.1

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:3.1

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:3.0

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.2

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.1

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.0

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.6

vendor:applemodel:iosscope:neversion:4

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.0.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.0

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:1.1.0

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:1.0.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:1.0.0

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.2

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:1.0.2

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.1.3

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.1.2

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.6.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x10.6.5

Trust: 0.3

sources: BID: 41016 // BID: 41049 // JVNDB: JVNDB-2010-001675 // CNNVD: CNNVD-201006-362 // NVD: CVE-2010-1752

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-1752
value: MEDIUM

Trust: 1.0

NVD: CVE-2010-1752
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201006-362
value: MEDIUM

Trust: 0.6

VULHUB: VHN-44357
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-1752
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-44357
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-44357 // JVNDB: JVNDB-2010-001675 // CNNVD: CNNVD-201006-362 // NVD: CVE-2010-1752

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-44357 // JVNDB: JVNDB-2010-001675 // NVD: CVE-2010-1752

THREAT TYPE

network

Trust: 0.6

sources: BID: 41016 // BID: 41049

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201006-362

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-001675

PATCH
title:HT4225url:http://support.apple.com/kb/HT4225
Trust: 0.8
title:HT4435url:http://support.apple.com/kb/HT4435
Trust: 0.8
title:HT4225url:http://support.apple.com/kb/HT4225?viewlocale=ja_JP
Trust: 0.8
title:HT4435url:http://support.apple.com/kb/HT4435?viewlocale=ja_JP
Trust: 0.8
title:Apple iOS CFNewwork Repair measures for stack buffer error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=203164
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2010-001675 // 
            
            
            
            CNNVD: CNNVD-201006-362

EXTERNAL IDS
db:NVDid:CVE-2010-1752
Trust: 2.8
db:BIDid:41016
Trust: 2.0
db:XFid:59631
Trust: 0.8
db:JVNDBid:JVNDB-2010-001675
Trust: 0.8
db:CNNVDid:CNNVD-201006-362
Trust: 0.7
db:BIDid:41049
Trust: 0.4
db:VULHUBid:VHN-44357
Trust: 0.1
sources:
            
            
            VULHUB: VHN-44357 // 
            
            
            
            BID: 41016 // 
            
            
            
            BID: 41049 // 
            
            
            
            JVNDB: JVNDB-2010-001675 // 
            
            
            
            CNNVD: CNNVD-201006-362 // 
            
            
            
            NVD: CVE-2010-1752

REFERENCES
url:http://lists.apple.com/archives/security-announce/2010/jun/msg00003.html
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html
Trust: 1.7
url:http://www.securityfocus.com/bid/41016
Trust: 1.7
url:http://support.apple.com/kb/ht4225
Trust: 1.7
url:http://support.apple.com/kb/ht4435
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/59631
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1752
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/59631
Trust: 0.8
url:http://jvn.jp/cert/jvnvu331391
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1752
Trust: 0.8
url:http://www.apple.com/iphone/softwareupdate/
Trust: 0.6
url:http://www.apple.com/iphone/
Trust: 0.6
url:http://www.apple.com/ipodtouch/
Trust: 0.6
sources:
            
            
            VULHUB: VHN-44357 // 
            
            
            
            BID: 41016 // 
            
            
            
            BID: 41049 // 
            
            
            
            JVNDB: JVNDB-2010-001675 // 
            
            
            
            CNNVD: CNNVD-201006-362 // 
            
            
            
            NVD: CVE-2010-1752

CREDITS
Zac White; Laurent OUDOT of TEHTRI-Security; Ladd Van Tol of Critical Path Software; Apple; Jason Dent of Street Side Software; Sidney San Martin of DeepTech, Inc.; Wilfried Teiken; Darin Fisher of Google Inc.; Wayne Pan of AdMob, Inc.; wushi of team509.
Trust: 0.3
sources:
            
            
            BID: 41016

SOURCES
db:VULHUBid:VHN-44357
db:BIDid:41016
db:BIDid:41049
db:JVNDBid:JVNDB-2010-001675
db:CNNVDid:CNNVD-201006-362
db:NVDid:CVE-2010-1752

LAST UPDATE DATE
2024-11-23T20:51:25.135000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-44357date:2018-11-16T00:00:00
db:BIDid:41016date:2010-06-23T16:08:00
db:BIDid:41049date:2010-11-11T19:27:00
db:JVNDBid:JVNDB-2010-001675date:2010-11-26T00:00:00
db:CNNVDid:CNNVD-201006-362date:2022-08-10T00:00:00
db:NVDid:CVE-2010-1752date:2024-11-21T01:15:07.520

SOURCES RELEASE DATE
db:VULHUBid:VHN-44357date:2010-06-22T00:00:00
db:BIDid:41016date:2010-06-21T00:00:00
db:BIDid:41049date:2010-06-22T00:00:00
db:JVNDBid:JVNDB-2010-001675date:2010-07-14T00:00:00
db:CNNVDid:CNNVD-201006-362date:2010-06-24T00:00:00
db:NVDid:CVE-2010-1752date:2010-06-22T20:30:01.557