Sign-up

ID

VAR-201009-0252


CVE

CVE-2010-1811


TITLE

iPhone and iPod touch Run on Apple iOS of ImageIO Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2010-002082

DESCRIPTION

ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file. Apple iOS for iPhone and iPod touch is prone to a memory-corruption vulnerability that affects the 'ImageIO' component. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application, or crash the affected application. This issue affects iOS 2.0 through 4.0.2 for iPhone 3G and later and iOS 2.1 through 4.0.2 for iPod touch (2nd generation) and later. NOTE: This issue was previously discussed in BID 43070 (Apple iPhone/iPod touch Prior to iOS 4.1 Multiple Vulnerabilities) but has been given its own records to better document it. ImageIO provides ImageReader and ImageWriter plugins for the Graphics Interchange Format (GIF) image format. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Apple iOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42314 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42314/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42314 RELEASE DATE: 2010-11-24 DISCUSS ADVISORY: http://secunia.com/advisories/42314/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42314/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42314 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose sensitive information, bypass certain security restrictions, or to compromise a user's system. For more information: SA40257 SA41328 SA42151 SA42312 SOLUTION: Upgrade to iOS 4.2 (downloadable and installable via iTunes). ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4456 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2010-1811 // JVNDB: JVNDB-2010-002082 // BID: 43076 // VULHUB: VHN-44416 // PACKETSTORM: 96086

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:4.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.6 to v10.6.4

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6 to v10.6.4

Trust: 0.8

vendor:applemodel:iosscope:eqversion:2.0 to 4.0.2 (iphone 3g after )

Trust: 0.8

vendor:applemodel:iosscope:eqversion:2.1 to 4.0.2 (ipod touch (2nd generation) after )

Trust: 0.8

vendor:applemodel:iosscope:eqversion:3.2 to 3.2.2 (ipad for )

Trust: 0.8

vendor:applemodel:iphonescope: - version: -

Trust: 0.8

vendor:applemodel:ipod touchscope: - version: -

Trust: 0.8

vendor:applemodel:iphone osscope:eqversion:1.1.5

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:2.2

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:2.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:1.0.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:4.0.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:4.0

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:2.2.1

Trust: 0.6

vendor:applemodel:iosscope:neversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.3

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:2.2.1

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:2.2.1

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.1.2-

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.1.3-

Trust: 0.3

vendor:applemodel:iosscope:neversion:4.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.2

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:2.2.1-

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.0

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.2

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.4

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:4.0.1-

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:3.1.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.1.2-

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.1.3-

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:3.1.1

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:4.0-

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:2.2.1-

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.0.1

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.2-

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.0.1-

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.5

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:3.1.3

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:2.2-

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:4.0-

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.2

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:2.1-

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.2-

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.3

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.0.1-

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:2.2

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.0-

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:2.0.2

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:2.1

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:2.2-

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.3

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:2.0.2

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.1-

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x10.6.5

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.1.2

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:2.1-

Trust: 0.3

vendor:applemodel:ios betascope:eqversion:4.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:2.0.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.4

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.0-

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.2

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:2.0.1

Trust: 0.3

vendor:applemodel:iphone ipadscope:eqversion:3.2.1-

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.7

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.1-

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.1.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:2.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.1

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.3

Trust: 0.3

sources: BID: 43076 // JVNDB: JVNDB-2010-002082 // CNNVD: CNNVD-201009-061 // NVD: CVE-2010-1811

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-1811
value: MEDIUM

Trust: 1.0

NVD: CVE-2010-1811
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201009-061
value: MEDIUM

Trust: 0.6

VULHUB: VHN-44416
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-1811
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: CVE-2010-1811
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-44416
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-44416 // JVNDB: JVNDB-2010-002082 // CNNVD: CNNVD-201009-061 // NVD: CVE-2010-1811

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-44416 // JVNDB: JVNDB-2010-002082 // NVD: CVE-2010-1811

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201009-061

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201009-061

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-002082

PATCH
title:HT4334url:http://support.apple.com/kb/HT4334
Trust: 0.8
title:HT4435url:http://support.apple.com/kb/HT4435
Trust: 0.8
title:HT4456url:http://support.apple.com/kb/HT4456
Trust: 0.8
title:HT4334url:http://support.apple.com/kb/HT4334?viewlocale=ja_JP
Trust: 0.8
title:HT4435url:http://support.apple.com/kb/HT4435?viewlocale=ja_JP
Trust: 0.8
title:HT4456url:http://support.apple.com/kb/HT4456?viewlocale=ja_JP
Trust: 0.8
title:Apple iOS ImageIO Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=203171
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2010-002082 // 
            
            
            
            CNNVD: CNNVD-201009-061

EXTERNAL IDS
db:NVDid:CVE-2010-1811
Trust: 2.8
db:SECUNIAid:42314
Trust: 1.8
db:XFid:61696
Trust: 0.8
db:JVNDBid:JVNDB-2010-002082
Trust: 0.8
db:CNNVDid:CNNVD-201009-061
Trust: 0.7
db:BIDid:43076
Trust: 0.4
db:VULHUBid:VHN-44416
Trust: 0.1
db:PACKETSTORMid:96086
Trust: 0.1
sources:
            
            
            VULHUB: VHN-44416 // 
            
            
            
            BID: 43076 // 
            
            
            
            JVNDB: JVNDB-2010-002082 // 
            
            
            
            PACKETSTORM: 96086 // 
            
            
            
            CNNVD: CNNVD-201009-061 // 
            
            
            
            NVD: CVE-2010-1811

REFERENCES
url:http://support.apple.com/kb/ht4456
Trust: 1.8
url:http://lists.apple.com/archives/security-announce/2010//sep/msg00002.html
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2010//nov/msg00003.html
Trust: 1.7
url:http://support.apple.com/kb/ht4334
Trust: 1.7
url:http://support.apple.com/kb/ht4435
Trust: 1.7
url:http://secunia.com/advisories/42314
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/61696
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1811
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/61696
Trust: 0.8
url:http://jvn.jp/cert/jvnvu331391
Trust: 0.8
url:http://jvn.jp/cert/jvnvu407599
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1811
Trust: 0.8
url:http://www.apple.com/iphone/softwareupdate/
Trust: 0.3
url:http://www.apple.com/iphone/
Trust: 0.3
url:http://www.apple.com/ipodtouch/
Trust: 0.3
url:http://secunia.com/products/corporate/evm/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/advisories/42314/
Trust: 0.1
url:http://secunia.com/products/corporate/vim/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/42314/#comments
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=42314
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-44416 // 
            
            
            
            BID: 43076 // 
            
            
            
            JVNDB: JVNDB-2010-002082 // 
            
            
            
            PACKETSTORM: 96086 // 
            
            
            
            CNNVD: CNNVD-201009-061 // 
            
            
            
            NVD: CVE-2010-1811

CREDITS
Apple
Trust: 0.3
sources:
            
            
            BID: 43076

SOURCES
db:VULHUBid:VHN-44416
db:BIDid:43076
db:JVNDBid:JVNDB-2010-002082
db:PACKETSTORMid:96086
db:CNNVDid:CNNVD-201009-061
db:NVDid:CVE-2010-1811

LAST UPDATE DATE
2024-11-23T19:34:13.880000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-44416date:2018-11-16T00:00:00
db:BIDid:43076date:2010-11-22T18:36:00
db:JVNDBid:JVNDB-2010-002082date:2010-11-26T00:00:00
db:CNNVDid:CNNVD-201009-061date:2022-08-10T00:00:00
db:NVDid:CVE-2010-1811date:2024-11-21T01:15:14.647

SOURCES RELEASE DATE
db:VULHUBid:VHN-44416date:2010-09-09T00:00:00
db:BIDid:43076date:2010-09-08T00:00:00
db:JVNDBid:JVNDB-2010-002082date:2010-10-04T00:00:00
db:PACKETSTORMid:96086date:2010-11-24T11:53:31
db:CNNVDid:CNNVD-201009-061date:2010-09-13T00:00:00
db:NVDid:CVE-2010-1811date:2010-09-09T22:00:01.623