Vulnerability Description
Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity (TMSI) field.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Iphone Os | <= 4.1 |
| Apple | Ipad | All versions |
Related Weaknesses (CWE)
References
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.htmlVendor Advisory
- http://secunia.com/advisories/42314
- http://support.apple.com/kb/HT4456PatchVendor Advisory
- http://www.securitytracker.com/id?1024770
- http://www.vupen.com/english/advisories/2010/3046
- https://exchange.xforce.ibmcloud.com/vulnerabilities/63421
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.htmlVendor Advisory
- http://secunia.com/advisories/42314
- http://support.apple.com/kb/HT4456PatchVendor Advisory
- http://www.securitytracker.com/id?1024770
- http://www.vupen.com/english/advisories/2010/3046
- https://exchange.xforce.ibmcloud.com/vulnerabilities/63421
FAQ
What is CVE-2010-3832?
CVE-2010-3832 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband p...
How severe is CVE-2010-3832?
CVE-2010-3832 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-3832?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Iphone Os, Apple Ipad.