Published: 05/08/2010 Updated: 09/08/2022

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

VMScore: 695

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Integer overflow in IOSurface in Apple iOS prior to 4.0.2 on the iPhone and iPod touch, and prior to 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple iphone_os 4.0
apple iphone_os 4.0.1

The files contained in the archive link below are those that make use of a pdf exploit in order to jailbreak devices running Apple iOS These pdf's are of interest in that they originate in userland and give root access to the devices githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/145387z (ios_pdf_exploit7z) ...

CWE-264 http://www.exploit-db.com/exploits/14538 http://www.securityfocus.com/bid/42151 http://osvdb.org/66827 http://secunia.com/advisories/40807 http://support.apple.com/kb/HT4292 http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html http://support.apple.com/kb/HT4291 https://nvd.nist.gov https://www.exploit-db.com/exploits/14538/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-2973

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect