CVE-2010-3832

Sažetak

Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity (TMSI) field.

Reference

http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
http://support.apple.com/kb/HT4456
http://www.securitytracker.com/id?1024770
http://www.vupen.com/english/advisories/2010/3046
http://secunia.com/advisories/42314
https://exchange.xforce.ibmcloud.com/vulnerabilities/63421

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

09-08-2022 - 13:49

Objavljeno

26-11-2010 - 20:00