CyberSec.Space Logo
Back to CVE Browser

CVE-2010-2973

MEDIUM
6.9
CVSS Severity Score
EPSS Score0.1630%
EPSS Percentile11.88th
PublishedAug 5, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.

Affected Platforms (CPE)

πŸ’»
Apple

Iphone Os

= 4.0
πŸ’»
Apple

Iphone Os

= 4.0
πŸ’»
Apple

Iphone Os

= 4.0.1
πŸ’»
Apple

Iphone Os

= 4.0.1
πŸ’»
Apple

Iphone Os

= 4.0
πŸ’»
Apple

Iphone Os

= 4.0.1

References & Advisories

πŸ”— http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html
πŸ”— http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html
πŸ”— http://osvdb.org/66827
πŸ”— http://secunia.com/advisories/40807
πŸ”— http://support.apple.com/kb/HT4291
πŸ”— http://support.apple.com/kb/HT4292
πŸ”— http://www.exploit-db.com/exploits/14538
πŸ”— http://www.securityfocus.com/bid/42151

Related Vulnerabilities

CVE-2008-421110.0

Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iP...

CVE-2009-220410.0

Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitr...

CVE-2008-230310.0

Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitra...

CVE-2010-111910.0

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on ...