Vulnerability Description
The queueing primitives in IOMobileFrameBuffer in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 do not properly perform type conversion, which allows local users to gain privileges via a crafted application.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Iphone Os | <= 4.2.8 |
Related Weaknesses (CWE)
References
- http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.htmlVendor Advisory
- http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.htmlVendor Advisory
- http://support.apple.com/kb/HT4802Vendor Advisory
- http://support.apple.com/kb/HT4803Vendor Advisory
- http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.htmlVendor Advisory
- http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.htmlVendor Advisory
- http://support.apple.com/kb/HT4802Vendor Advisory
- http://support.apple.com/kb/HT4803Vendor Advisory
FAQ
What is CVE-2011-0227?
CVE-2011-0227 is a vulnerability with a CVSS score of 7.2 (HIGH). The queueing primitives in IOMobileFrameBuffer in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 do not properly perform type conversion, which allows local users to gain privileges via a crafted appli...
How severe is CVE-2011-0227?
CVE-2011-0227 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-0227?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Iphone Os.