Vulnerabilities > CVE-2010-1179 - Numeric Errors vulnerability in Apple Safari

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

apple

CWE-189

critical

exploit available

NVD

Published: 2010-03-29

Updated: 2010-03-30

Summary

Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribute of a recolorinfo element in a VML file, possibly a related issue to CVE-2007-0024.

Vulnerable Configurations

Part	Description	Count
Application	Apple Apple Safari *	1
OS	Apple Apple Iphone OS 3.1.3	2

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

Exploit-Db

description	Bad "VML" Remote DoS on Safari for iPhone & iPod Touch. CVE-2010-1179. Dos exploit for ios platform
file	exploits/ios/dos/11890.txt
id	EDB-ID:11890
last seen	2016-02-01
modified	2010-03-26
platform	ios
port
published	2010-03-26
reporter	Nishant Das Patnaik
source	https://www.exploit-db.com/download/11890/
title	iOS Safari - Bad "VML" Remote DoS
type	dos

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References