Lucene search

[email protected]CVE-2010-1809

HistorySep 09, 2010 - 10:00 p.m.

CVE-2010-1809

2010-09-0922:00:01

[email protected]

web.nvd.nist.gov

cve-2010-1809

accessibility

apple ios

iphone

ipod touch

voiceover

location services

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.1%

JSON

The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.

Affected configurations

NVD

Node

appleiphone_osRange<4.1

AND

appleipod_touchMatch-

appleiphone_osMatch-

CPENameOperatorVersion
apple:iphone_osapple iphone oslt4.1

CPE	Name	Operator	Version
apple:iphone_os	apple iphone os	lt	4.1

References

lists.apple.com/archives/security-announce/2010//Sep/msg00002.html

support.apple.com/kb/HT4334

exchange.xforce.ibmcloud.com/vulnerabilities/61694

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.1%

JSON

Related for CVE-2010-1809

prion1 nvd1 cvelist1