Description
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.
Exploits (1)
exploitdb
SUSPICIOUS
VERIFIED
by jailbreakme · textlocalios
https://www.exploit-db.com/exploits/14538
References (8)
Core 8
Core References
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/14538
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/66827
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4292
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/42151
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4291
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40807
Scores
EPSS
0.0014
EPSS Percentile
33.1%
Details
CWE
CWE-264
Status
published
Products (2)
apple/iphone_os
4.0 (3 CPE variants)
apple/iphone_os
4.0.1 (3 CPE variants)
Published
Aug 05, 2010
Tracked Since
Feb 18, 2026