Vulnerability Description
Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that triggers memory corruption.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Iphone Os | 1.0 |
Related Weaknesses (CWE)
References
- http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.htmlVendor Advisory
- http://osvdb.org/62128
- http://support.apple.com/kb/HT4013Vendor Advisory
- http://www.securityfocus.com/bid/38040
- http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.htmlVendor Advisory
- http://osvdb.org/62128
- http://support.apple.com/kb/HT4013Vendor Advisory
- http://www.securityfocus.com/bid/38040
FAQ
What is CVE-2010-0038?
CVE-2010-0038 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, v...
How severe is CVE-2010-0038?
CVE-2010-0038 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0038?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Iphone Os.