CVE-2010-2973

{"id": "CVE-2010-2973", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": true, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-08-05T18:17:58.197", "references": [{"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html", "source": "cve@mitre.org"}, {"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/66827", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/40807", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.apple.com/kb/HT4291", "source": "cve@mitre.org"}, {"url": "http://support.apple.com/kb/HT4292", "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/14538", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/42151", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe."}, {"lang": "es", "value": "Un desbordamiento de enteros en IOSurface en Apple iOS anterior a versi\u00f3n 4.0.2 en el iPhone y iPod touch, y anterior a versi\u00f3n 3.2.2 en la iPad, permite a los usuarios locales alcanzar privilegios por medio de vectores que involucran las propiedades de IOSurface, como es demostrado por JailbreakMe."}], "lastModified": "2022-08-09T13:49:00.300", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12E22AF0-2B66-425A-A1EE-4F0E3B0433E7"}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0:-:iphone:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "954CDDCB-AC22-448D-8ECA-CFA4DBA1BC27"}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB34ECBE-33E8-40E1-936B-7800D2525AE6"}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:-:iphone:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECE983F6-A597-4581-A254-80396B54F2D5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "340C4071-1447-477F-942A-8E09EA29F917"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12E22AF0-2B66-425A-A1EE-4F0E3B0433E7"}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB34ECBE-33E8-40E1-936B-7800D2525AE6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:apple:ipad:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BAADE29A-712B-4AD5-A78B-6AD537BA9196"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12E22AF0-2B66-425A-A1EE-4F0E3B0433E7"}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0:-:ipodtouch:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54FECD66-4216-43FC-9959-B8EA9545449C"}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB34ECBE-33E8-40E1-936B-7800D2525AE6"}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:-:ipodtouch:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "586C0CB3-98E5-4CB3-8F23-27F01233D6C4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "88FA2602-DDAB-4E23-A3D2-FB712970AAD1"}], "operator": "OR"}], "operator": "AND"}], "evaluatorImpact": "Per: http://xforce.iss.net/xforce/xfdb/60856\r\n\r\n'Platforms Affected:\r\n\r\n * Apple iPhone OS 4.0 iPodtouch\r\n * Apple iPhone OS 4.0\r\n * Apple iPhone OS 4.0.1 iPodtouch\r\n * Apple iPhone OS 4.0.1 '\r\n\r\n\r\nPer: http://www.securityfocus.com/bid/42151/discuss\r\n\r\n'versions 4.0.1 and prior are vulnerable.'", "sourceIdentifier": "cve@mitre.org"}