VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-1809
iphone_os: The Accessibility component in Apple iOS before 4.1...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1809

Original

The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-09-09
Source Information Category:
Advisory, Alert
Last Updated:
2010-09-10




Affected Product Tags
cpe:/o:apple:iphone_os:1.0
cpe:/o:apple:iphone_os:1.0.0
cpe:/o:apple:iphone_os:1.0.0:-:iphone
cpe:/o:apple:iphone_os:1.0.1
cpe:/o:apple:iphone_os:1.0.1:-:iphone
cpe:/o:apple:iphone_os:1.0.2
cpe:/o:apple:iphone_os:1.0.2:-:iphone
cpe:/o:apple:iphone_os:1.1
cpe:/o:apple:iphone_os:1.1.0
cpe:/o:apple:iphone_os:1.1.0:-:iphone
cpe:/o:apple:iphone_os:1.1.0:-:ipodtouch
cpe:/o:apple:iphone_os:1.1.1
cpe:/o:apple:iphone_os:1.1.1:-:iphone
cpe:/o:apple:iphone_os:1.1.1:-:ipodtouch
cpe:/o:apple:iphone_os:1.1.2
cpe:/o:apple:iphone_os:1.1.2:-:iphone
cpe:/o:apple:iphone_os:1.1.2:-:ipodtouch
cpe:/o:apple:iphone_os:1.1.3
cpe:/o:apple:iphone_os:1.1.3:-:iphone
cpe:/o:apple:iphone_os:1.1.3:-:ipodtouch
cpe:/o:apple:iphone_os:1.1.4
cpe:/o:apple:iphone_os:1.1.4:-:iphone
cpe:/o:apple:iphone_os:1.1.4:-:ipodtouch
cpe:/o:apple:iphone_os:1.1.5
cpe:/o:apple:iphone_os:1.1.5:-:iphone
cpe:/o:apple:iphone_os:1.1.5:-:ipodtouch
cpe:/o:apple:iphone_os:2.0
cpe:/o:apple:iphone_os:2.0.0
cpe:/o:apple:iphone_os:2.0.0:-:iphone
cpe:/o:apple:iphone_os:2.0.0:-:ipodtouch
cpe:/o:apple:iphone_os:2.0.1
cpe:/o:apple:iphone_os:2.0.1:-:iphone
cpe:/o:apple:iphone_os:2.0.1:-:ipodtouch
cpe:/o:apple:iphone_os:2.0.2
cpe:/o:apple:iphone_os:2.0.2:-:iphone
cpe:/o:apple:iphone_os:2.0.2:-:ipodtouch
cpe:/o:apple:iphone_os:2.1
cpe:/o:apple:iphone_os:2.1.1
cpe:/o:apple:iphone_os:2.1:-:iphone
cpe:/o:apple:iphone_os:2.1:-:ipodtouch
cpe:/o:apple:iphone_os:2.2
cpe:/o:apple:iphone_os:2.2.1
cpe:/o:apple:iphone_os:2.2.1:-:iphone
cpe:/o:apple:iphone_os:2.2.1:-:ipodtouch
cpe:/o:apple:iphone_os:2.2:-:iphone
cpe:/o:apple:iphone_os:2.2:-:ipodtouch
cpe:/o:apple:iphone_os:3.0
cpe:/o:apple:iphone_os:3.0.1
cpe:/o:apple:iphone_os:3.0.1:-:iphone
cpe:/o:apple:iphone_os:3.0.1:-:ipodtouch
cpe:/o:apple:iphone_os:3.0:-:iphone
cpe:/o:apple:iphone_os:3.0:-:ipodtouch
cpe:/o:apple:iphone_os:3.1
cpe:/o:apple:iphone_os:3.1.2
cpe:/o:apple:iphone_os:3.1.2:-:iphone
cpe:/o:apple:iphone_os:3.1.2:-:ipodtouch
cpe:/o:apple:iphone_os:3.1.3
cpe:/o:apple:iphone_os:3.1.3:-:iphone
cpe:/o:apple:iphone_os:3.1.3:-:ipodtouch
cpe:/o:apple:iphone_os:3.1:-:iphone
cpe:/o:apple:iphone_os:3.1:-:ipodtouch
cpe:/o:apple:iphone_os:3.2
cpe:/o:apple:iphone_os:3.2:-:iphone
cpe:/o:apple:iphone_os:3.2:-:ipodtouch
cpe:/o:apple:iphone_os:4.0
cpe:/o:apple:iphone_os:4.0.1
cpe:/o:apple:iphone_os:4.0.1:-:iphone
cpe:/o:apple:iphone_os:4.0.1:-:ipodtouch
cpe:/o:apple:iphone_os:4.0.2 and previous versions
cpe:/o:apple:iphone_os:4.0.2:-:iphone and previous versions
cpe:/o:apple:iphone_os:4.0.2:-:ipodtouch and previous versions
cpe:/o:apple:iphone_os:4.0:-:iphone
cpe:/o:apple:iphone_os:4.0:-:ipodtouch
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
Medium [?]
X Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
Alternatives




References
APPLE APPLE-SA-2010-09-08-1




CONFIRM http://support.apple.com/kb/HT4334




Vulnerability Type Insufficient Information (NVD-CWE-noinfo)




Copyright © 2010 JPCERT/CC All Rights Reserved.