Vulnerability Description
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Iphone Os | 4.0 |
| Apple | Ipad | All versions |
| Apple | Ipod Touch | All versions |
Related Weaknesses (CWE)
References
- http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html
- http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html
- http://osvdb.org/66827
- http://secunia.com/advisories/40807Vendor Advisory
- http://support.apple.com/kb/HT4291
- http://support.apple.com/kb/HT4292
- http://www.exploit-db.com/exploits/14538Exploit
- http://www.securityfocus.com/bid/42151
- http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html
- http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html
- http://osvdb.org/66827
- http://secunia.com/advisories/40807Vendor Advisory
- http://support.apple.com/kb/HT4291
- http://support.apple.com/kb/HT4292
- http://www.exploit-db.com/exploits/14538Exploit
FAQ
What is CVE-2010-2973?
CVE-2010-2973 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as...
How severe is CVE-2010-2973?
CVE-2010-2973 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-2973?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Iphone Os, Apple Ipad, Apple Ipod Touch.