PT-2010-2891 · Apple · Ios+1
Published
2010-03-29
·
Updated
2012-03-30
·
CVE-2010-1181
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Safari on Apple iPhone OS version 3.1.3 for iPod touch
Description
The issue allows remote attackers to cause a denial of service, resulting in an application crash, or possibly execute arbitrary code. This is achieved by using a long string in a
MARQUEE element.Recommendations
For Safari on Apple iPhone OS version 3.1.3 for iPod touch, consider avoiding the use of long strings in
MARQUEE elements until a fix is available. As a temporary workaround, restricting the handling of MARQUEE elements may help minimize the risk of exploitation.Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Safari
Ios