// For flags

CVE-2010-1226

iPhone Springboard - Malformed Character Crash (PoC)

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

3
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV element, related to a "malformed character" issue.

La funcionalidad de cliente HTTP en Apple iPhone OS 3.1 en el iPhone 2G y 3.1.3 en el iPhone 3GS permite a atacantes remotos provocar una denegación de servicio (caída de Safari, Mail o Springboard) mediante un innerHTML manipulado propiedad de un elemento DIV, en relación con un problema de "caracter malformado".

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2010-03-15 First Exploit
  • 2010-04-01 CVE Reserved
  • 2010-04-01 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-11-09 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
3.1
Search vendor "Apple" for product "Iphone Os" and version "3.1"
-
Affected
in Apple
Search vendor "Apple"
Iphone
Search vendor "Apple" for product "Iphone"
2g
Search vendor "Apple" for product "Iphone" and version "2g"
-
Safe
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
3.1.3
Search vendor "Apple" for product "Iphone Os" and version "3.1.3"
-
Affected
in Apple
Search vendor "Apple"
Iphone
Search vendor "Apple" for product "Iphone"
3gs
Search vendor "Apple" for product "Iphone" and version "3gs"
-
Safe