Sign-up

ID

VAR-201006-0330


CVE

CVE-2010-1757


TITLE

Apple iOS of WebKit Vulnerabilities in user interface spoofing

Trust: 0.8

sources: JVNDB: JVNDB-2010-001682

DESCRIPTION

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document. Apple iOS for iPhone and iPod touch is prone to multiple security vulnerabilities, including information-disclosure, remote code-execution, denial-of-service, security-bypass, and spoofing issues. These issues affect the Sandbox, CFNetwork, ImageIO, Passcode Lock, Safari, Settings, and WebKit components. Successfully exploiting these issues may allow attackers to crash the affected device, bypass security restrictions, obtain sensitive information, or execute arbitrary code. Other attacks are also possible. Versions prior to iOS 4 are vulnerable. This BID is being retired. WebKit is prone to a cross-domain spoofing vulnerability. Apple iOS is an operating system developed by Apple Inc. for the iPhone. It is mainly used for iPhone, iPod touch and iPad. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Apple iOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42314 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42314/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42314 RELEASE DATE: 2010-11-24 DISCUSS ADVISORY: http://secunia.com/advisories/42314/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42314/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42314 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose sensitive information, bypass certain security restrictions, or to compromise a user's system. For more information: SA40257 SA41328 SA42151 SA42312 SOLUTION: Upgrade to iOS 4.2 (downloadable and installable via iTunes). ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4456 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . For more information: SA32349 SA33495 SA35095 SA35379 SA35411 SA35449 SA35758 SA36269 SA36677 SA37273 SA37346 SA37769 SA38061 SA38545 SA38932 SA39029 SA39091 SA39384 SA39661 SA39937 SA40002 SA40072 SA40105 SA40112 SA40148 SA40196 SA40257 SA40664 SA40783 SA41014 SA41085 SA41242 SA41328 SA41390 SA41443 SA41535 SA41841 SA41888 SA41968 SA42151 SA42264 SA42290 SA42312 SA42443 SA42461 SA42658 SA42769 SA42886 SA42956 SA43053 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server

Trust: 2.43

sources: NVD: CVE-2010-1757 // JVNDB: JVNDB-2010-001682 // BID: 41016 // BID: 41068 // VULHUB: VHN-44362 // PACKETSTORM: 96086 // PACKETSTORM: 97846

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:4.0

Trust: 1.0

vendor:applemodel:iosscope:eqversion:2.0 to 3.1.3

Trust: 0.8

vendor:applemodel:iosscope:eqversion:3.2 to 3.2.2 (ipad for )

Trust: 0.8

vendor:applemodel:ios for ipod touchscope:eqversion:2.1 to 3.1.3

Trust: 0.8

vendor:applemodel:ipadscope: - version: -

Trust: 0.8

vendor:applemodel:iphonescope: - version: -

Trust: 0.8

vendor:applemodel:ipod touchscope: - version: -

Trust: 0.8

vendor:applemodel:ipod touchscope:eqversion:3.1.3

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:3.1.2

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:3.1.1

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.2.1

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.0.2

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.0.1

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:3.0

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.2

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.1

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:2.0

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:3.1.3

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:3.1.2

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:3.0.1

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.2.1

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.0.2

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.0.1

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:3.1

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:3.0

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.2

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.1

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:2.0

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.6

vendor:applemodel:iosscope:neversion:4

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:2.2

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.0.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.0

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:2.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:2.0.2

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.2

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:2.2.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.1.3

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:3.1.2

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:ios betascope:eqversion:4.2

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:neversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

sources: BID: 41016 // BID: 41068 // JVNDB: JVNDB-2010-001682 // CNNVD: CNNVD-201006-367 // NVD: CVE-2010-1757

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-1757
value: MEDIUM

Trust: 1.0

NVD: CVE-2010-1757
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201006-367
value: MEDIUM

Trust: 0.6

VULHUB: VHN-44362
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-1757
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-44362
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-44362 // JVNDB: JVNDB-2010-001682 // CNNVD: CNNVD-201006-367 // NVD: CVE-2010-1757

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-44362 // JVNDB: JVNDB-2010-001682 // NVD: CVE-2010-1757

THREAT TYPE

network

Trust: 0.6

sources: BID: 41016 // BID: 41068

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201006-367

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-001682

PATCH
title:HT4225url:http://support.apple.com/kb/HT4225
Trust: 0.8
title:HT4456url:http://support.apple.com/kb/HT4456
Trust: 0.8
title:HT4225url:http://support.apple.com/kb/HT4225?viewlocale=ja_JP
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-001682

EXTERNAL IDS
db:BIDid:41068
Trust: 2.8
db:NVDid:CVE-2010-1757
Trust: 2.8
db:BIDid:41016
Trust: 2.0
db:SECUNIAid:43068
Trust: 1.8
db:SECUNIAid:42314
Trust: 1.8
db:VUPENid:ADV-2011-0212
Trust: 1.7
db:JVNDBid:JVNDB-2010-001682
Trust: 0.8
db:CNNVDid:CNNVD-201006-367
Trust: 0.7
db:VULHUBid:VHN-44362
Trust: 0.1
db:PACKETSTORMid:96086
Trust: 0.1
db:PACKETSTORMid:97846
Trust: 0.1
sources:
            
            
            VULHUB: VHN-44362 // 
            
            
            
            BID: 41016 // 
            
            
            
            BID: 41068 // 
            
            
            
            JVNDB: JVNDB-2010-001682 // 
            
            
            
            PACKETSTORM: 96086 // 
            
            
            
            PACKETSTORM: 97846 // 
            
            
            
            CNNVD: CNNVD-201006-367 // 
            
            
            
            NVD: CVE-2010-1757

REFERENCES
url:http://www.securityfocus.com/bid/41068
Trust: 2.5
url:http://support.apple.com/kb/ht4456
Trust: 1.8
url:http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
Trust: 1.8
url:http://lists.apple.com/archives/security-announce/2010/jun/msg00003.html
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2010//nov/msg00003.html
Trust: 1.7
url:http://www.securityfocus.com/bid/41016
Trust: 1.7
url:http://support.apple.com/kb/ht4225
Trust: 1.7
url:http://secunia.com/advisories/42314
Trust: 1.7
url:http://secunia.com/advisories/43068
Trust: 1.7
url:http://www.vupen.com/english/advisories/2011/0212
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1757
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1757
Trust: 0.8
url:http://www.apple.com/iphone/softwareupdate/
Trust: 0.6
url:http://www.apple.com/iphone/
Trust: 0.6
url:http://www.apple.com/ipodtouch/
Trust: 0.6
url:http://secunia.com/products/corporate/evm/
Trust: 0.2
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.2
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.2
url:http://secunia.com/products/corporate/vim/
Trust: 0.2
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.2
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.2
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.2
url:http://secunia.com/advisories/42314/
Trust: 0.1
url:http://secunia.com/advisories/42314/#comments
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=42314
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=43068
Trust: 0.1
url:http://secunia.com/advisories/43068/#comments
Trust: 0.1
url:http://secunia.com/advisories/43068/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-44362 // 
            
            
            
            BID: 41016 // 
            
            
            
            BID: 41068 // 
            
            
            
            JVNDB: JVNDB-2010-001682 // 
            
            
            
            PACKETSTORM: 96086 // 
            
            
            
            PACKETSTORM: 97846 // 
            
            
            
            CNNVD: CNNVD-201006-367 // 
            
            
            
            NVD: CVE-2010-1757

CREDITS
Zac White; Laurent OUDOT of TEHTRI-Security; Ladd Van Tol of Critical Path Software; Apple; Jason Dent of Street Side Software; Sidney San Martin of DeepTech, Inc.; Wilfried Teiken; Darin Fisher of Google Inc.; Wayne Pan of AdMob, Inc.; wushi of team509.
Trust: 0.3
sources:
            
            
            BID: 41016

SOURCES
db:VULHUBid:VHN-44362
db:BIDid:41016
db:BIDid:41068
db:JVNDBid:JVNDB-2010-001682
db:PACKETSTORMid:96086
db:PACKETSTORMid:97846
db:CNNVDid:CNNVD-201006-367
db:NVDid:CVE-2010-1757

LAST UPDATE DATE
2024-11-23T19:27:21.300000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-44362date:2018-11-16T00:00:00
db:BIDid:41016date:2010-06-23T16:08:00
db:BIDid:41068date:2010-11-22T19:16:00
db:JVNDBid:JVNDB-2010-001682date:2010-12-10T00:00:00
db:CNNVDid:CNNVD-201006-367date:2022-08-10T00:00:00
db:NVDid:CVE-2010-1757date:2024-11-21T01:15:08.123

SOURCES RELEASE DATE
db:VULHUBid:VHN-44362date:2010-06-22T00:00:00
db:BIDid:41016date:2010-06-21T00:00:00
db:BIDid:41068date:2010-06-21T00:00:00
db:JVNDBid:JVNDB-2010-001682date:2010-07-14T00:00:00
db:PACKETSTORMid:96086date:2010-11-24T11:53:31
db:PACKETSTORMid:97846date:2011-01-25T03:59:20
db:CNNVDid:CNNVD-201006-367date:2010-06-24T00:00:00
db:NVDid:CVE-2010-1757date:2010-06-22T20:30:01.697