Lucene search

[email protected]CVE-2010-2332

HistoryJun 18, 2010 - 8:30 p.m.

CVE-2010-2332

2010-06-1820:30:01

CWE-20

[email protected]

web.nvd.nist.gov

cve-2010-2332

impact financials

inc.

pdf reader

iphone

ipod touch

denial of service

remote attack

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.5%

JSON

Impact Financials, Inc. Impact PDF Reader 2.0, 1.2, and other versions for iPhone and iPod touch allows remote attackers to cause a denial of service (server crash) via a “…” body in a POST request.

Affected configurations

NVD

Node

impactfinancialsimpact_pdf_readerMatch1.2

impactfinancialsimpact_pdf_readerMatch2.0

AND

appleiphone_osMatch3.1.3

appleiphone_osMatch3.1.3-ipodtouch

CPENameOperatorVersion
impactfinancials:impact_pdf_readerimpactfinancials impact pdf readereq1.2
impactfinancials:impact_pdf_readerimpactfinancials impact pdf readereq2.0

CPE	Name	Operator	Version
impactfinancials:impact_pdf_reader	impactfinancials impact pdf reader	eq	1.2
impactfinancials:impact_pdf_reader	impactfinancials impact pdf reader	eq	2.0

References

www.exploit-db.com/exploits/13871

www.securityfocus.com/bid/40858

exchange.xforce.ibmcloud.com/vulnerabilities/59433

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.5%

JSON

Related for CVE-2010-2332

cvelist1 nvd1 prion1