Details of VAR-201103-0263

ID

VAR-201103-0263

CVE

CVE-2011-0162

TITLE

plural Apple Product Wi-Fi Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2011-001372

DESCRIPTION

Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not properly perform bounds checking for Wi-Fi frames, which allows remote attackers to cause a denial of service (device reset) via unspecified traffic on the local wireless network. Apple iOS is the latest operating system that runs on Apple iPhone and iPod touch devices. Apple iOS has a boundary check error when processing Wi-Fi frames. When connected to WI-FI, an attacker on the same network segment can restart the device. Multiple Apple products are prone to a remote denial-of-service vulnerability when connected to a Wi-Fi network. This issue is related to insufficient bounds-checking on certain Wi-Fi frames. Attackers on the same network can exploit this issue to cause the affected device to reset, denying service to legitimate users

Trust: 2.52

sources: NVD: CVE-2011-0162 // JVNDB: JVNDB-2011-001372 // CNVD: CNVD-2011-1002 // BID: 46813 // VULHUB: VHN-48107

IOT TAXONOMY

category:

['other device']

sub_category:

general

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:	apple	model:	tv	scope:	eq	version:	4.0	Trust: 2.7
vendor:	apple	model:	tv	scope:	eq	version:	4.1	Trust: 1.7
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.5	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	2.2.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	2.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	3.0	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	3.1.3	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	3.2	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	2.0.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	2.0.2	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	3.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	3.1.2	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	3.0.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.1.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lte	version:	4.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.0.2	Trust: 1.0
vendor:	apple	model:	tvos	scope:	eq	version:	2.1.0	Trust: 1.0
vendor:	apple	model:	tvos	scope:	eq	version:	2.0.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	3.2.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.0	Trust: 1.0
vendor:	apple	model:	tvos	scope:	eq	version:	2.0.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.0.1	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lte	version:	3.0.2	Trust: 1.0
vendor:	apple	model:	tvos	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.3	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.0.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.2	Trust: 1.0
vendor:	apple	model:	tvos	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	apple	model:	tvos	scope:	eq	version:	2.0.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.4	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	3.2.1	Trust: 1.0
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.9
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.9
vendor:	apple	model:	ios beta	scope:	eq	version:	4.2	Trust: 0.9
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.9
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.9
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.9
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.9
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.9
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.9
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.9
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.9
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.9
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.9
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.9
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.9
vendor:	apple	model:	ios	scope:	eq	version:	3.0 to 4.2.1 (iphone 3gs after )	Trust: 0.8
vendor:	apple	model:	ios	scope:	eq	version:	3.1 to 4.2.1 (ipod touch (3rd generation) after )	Trust: 0.8
vendor:	apple	model:	ios	scope:	eq	version:	3.2 to 4.2.1 (ipad for )	Trust: 0.8
vendor:	apple	model:	ipad	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	iphone	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	ipod touch	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	ios	scope:	ne	version:	4.3	Trust: 0.3
vendor:	apple	model:	tv	scope:	ne	version:	4.2	Trust: 0.3

sources: CNVD: CNVD-2011-1002 // BID: 46813 // JVNDB: JVNDB-2011-001372 // CNNVD: CNNVD-201103-187 // NVD: CVE-2011-0162

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-0162
value:	HIGH
Trust: 1.0
NVD:	CVE-2011-0162
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201103-187
value:	HIGH
Trust: 0.6
VULHUB:	VHN-48107
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2011-0162
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-48107
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-48107 // JVNDB: JVNDB-2011-001372 // CNNVD: CNNVD-201103-187 // NVD: CVE-2011-0162

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-48107 // JVNDB: JVNDB-2011-001372 // NVD: CVE-2011-0162

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201103-187

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201103-187

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-001372

PATCH

title:	HT4564	url:	http://support.apple.com/kb/HT4564	Trust: 0.8
title:	HT4565	url:	http://support.apple.com/kb/HT4565	Trust: 0.8
title:	HT4564	url:	http://support.apple.com/kb/HT4564?viewlocale=ja_JP	Trust: 0.8
title:	HT4565	url:	http://support.apple.com/kb/HT4565?viewlocale=ja_JP	Trust: 0.8
title:	Patch for Apple Multiple Products WI-FI Frame Boundary Check Remote Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/3248	Trust: 0.6
title:	Apple iOS and TV Wi-Fi Remediation measures for denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90712	Trust: 0.6

sources: CNVD: CNVD-2011-1002 // JVNDB: JVNDB-2011-001372 // CNNVD: CNNVD-201103-187

EXTERNAL IDS

db:	NVD	id:	CVE-2011-0162	Trust: 3.5
db:	BID	id:	46813	Trust: 2.8
db:	SECTRACK	id:	1025182	Trust: 2.5
db:	XF	id:	65998	Trust: 0.8
db:	JVNDB	id:	JVNDB-2011-001372	Trust: 0.8
db:	CNNVD	id:	CNNVD-201103-187	Trust: 0.7
db:	CNVD	id:	CNVD-2011-1002	Trust: 0.6
db:	OTHER	id:	NONE	Trust: 0.1
db:	VULHUB	id:	VHN-48107	Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2011-1002 // VULHUB: VHN-48107 // BID: 46813 // JVNDB: JVNDB-2011-001372 // CNNVD: CNNVD-201103-187 // NVD: CVE-2011-0162

REFERENCES

url:	http://www.securityfocus.com/bid/46813	Trust: 2.5
url:	http://www.securitytracker.com/id?1025182	Trust: 2.5
url:	http://support.apple.com/kb/ht4564	Trust: 2.3
url:	http://lists.apple.com/archives/security-announce/2011//mar/msg00003.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2011//mar/msg00005.html	Trust: 1.7
url:	http://support.apple.com/kb/ht4565	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/65998	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0162	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/65998	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu867452	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu574588	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0162	Trust: 0.8
url:	http://www.apple.com/appletv/features.html	Trust: 0.3
url:	http://www.apple.com/iphone/softwareupdate/	Trust: 0.3
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2011-1002 // VULHUB: VHN-48107 // BID: 46813 // JVNDB: JVNDB-2011-001372 // CNNVD: CNNVD-201103-187 // NVD: CVE-2011-0162

CREDITS

Scott Boyd of ePlus Technology, inc.

Trust: 0.3

sources: BID: 46813

SOURCES

db:	OTHER	id:	-
db:	CNVD	id:	CNVD-2011-1002
db:	VULHUB	id:	VHN-48107
db:	BID	id:	46813
db:	JVNDB	id:	JVNDB-2011-001372
db:	CNNVD	id:	CNNVD-201103-187
db:	NVD	id:	CVE-2011-0162

LAST UPDATE DATE

2025-01-30T20:51:24.267000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2011-1002	date:	2011-03-10T00:00:00
db:	VULHUB	id:	VHN-48107	date:	2019-03-08T00:00:00
db:	BID	id:	46813	date:	2015-03-19T09:04:00
db:	JVNDB	id:	JVNDB-2011-001372	date:	2011-04-06T00:00:00
db:	CNNVD	id:	CNNVD-201103-187	date:	2019-03-13T00:00:00
db:	NVD	id:	CVE-2011-0162	date:	2024-11-21T01:23:27.097

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2011-1002	date:	2011-03-10T00:00:00
db:	VULHUB	id:	VHN-48107	date:	2011-03-11T00:00:00
db:	BID	id:	46813	date:	2011-03-09T00:00:00
db:	JVNDB	id:	JVNDB-2011-001372	date:	2011-04-06T00:00:00
db:	CNNVD	id:	CNNVD-201103-187	date:	2011-03-14T00:00:00
db:	NVD	id:	CVE-2011-0162	date:	2011-03-11T22:55:03.057