CVE-2010-0038

EUVD-2010-0070
Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that triggers memory corruption.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
Affected Products (NVD)
VendorProductVersion
appleiphone_os
1.0
appleiphone_os
1.0.0
appleiphone_os
1.0.1
appleiphone_os
1.0.1
appleiphone_os
1.0.2
appleiphone_os
1.0.2
appleiphone_os
1.1
appleiphone_os
1.1.0
appleiphone_os
1.1.0
appleiphone_os
1.1.0
appleiphone_os
1.1.1
appleiphone_os
1.1.1
appleiphone_os
1.1.2
appleiphone_os
1.1.2
appleiphone_os
1.1.2
appleiphone_os
1.1.3
appleiphone_os
1.1.3
appleiphone_os
1.1.3
appleiphone_os
1.1.4
appleiphone_os
1.1.4
appleiphone_os
1.1.4
appleiphone_os
1.1.5
appleiphone_os
1.1.5
appleiphone_os
1.1.5
appleiphone_os
2.0
appleiphone_os
2.0.0
appleiphone_os
2.0.0
appleiphone_os
2.0.0
appleiphone_os
2.0.1
appleiphone_os
2.0.1
appleiphone_os
2.0.1
appleiphone_os
2.0.2
appleiphone_os
2.0.2
appleiphone_os
2.0.2
appleiphone_os
2.1
appleiphone_os
2.1
appleiphone_os
2.1
appleiphone_os
2.1.1
appleiphone_os
2.2
appleiphone_os
2.2
appleiphone_os
2.2
appleiphone_os
2.2.1
appleiphone_os
2.2.1
appleiphone_os
2.2.1
appleiphone_os
3.0
appleiphone_os
3.0
appleiphone_os
3.0.1
appleiphone_os
3.0.1
appleiphone_os
3.1.2
appleiphone_os
3.1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html
http://osvdb.org/62128
http://support.apple.com/kb/HT4013
http://www.securityfocus.com/bid/38040
http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html
http://osvdb.org/62128
http://support.apple.com/kb/HT4013
http://www.securityfocus.com/bid/38040