CVE-2010-3832

Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity (TMSI) field.

Published: Nov 26, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-3832
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
apple / iphone_os	-	4.1.x
apple / iphone_os	1.0.0	1.0.0.x
apple / iphone_os	1.0.1	1.0.1.x
apple / iphone_os	1.0.2	1.0.2.x
apple / iphone_os	1.1.0	1.1.0.x
apple / iphone_os	1.1.1	1.1.1.x
apple / iphone_os	1.1.2	1.1.2.x
apple / iphone_os	1.1.3	1.1.3.x
apple / iphone_os	1.1.4	1.1.4.x
apple / iphone_os	1.1.5	1.1.5.x
apple / iphone_os	2.0	2.0.x
apple / iphone_os	2.0.0	2.0.0.x
apple / iphone_os	2.0.1	2.0.1.x
apple / iphone_os	2.0.2	2.0.2.x
apple / iphone_os	2.1	2.1.x
apple / iphone_os	2.1.1	2.1.1.x
apple / iphone_os	2.2	2.2.x
apple / iphone_os	2.2.1	2.2.1.x
apple / iphone_os	3.0	3.0.x
apple / iphone_os	3.0.1	3.0.1.x
apple / iphone_os	3.1	3.1.x
apple / iphone_os	3.1.2	3.1.2.x
apple / iphone_os	3.1.3	3.1.3.x
apple / iphone_os	3.2	3.2.x
apple / iphone_os	3.2.1	3.2.1.x
apple / iphone_os	3.2.2	3.2.2.x
apple / iphone_os	4.0	4.0.x
apple / iphone_os	4.0.1	4.0.1.x
apple / iphone_os	4.0.2	4.0.2.x

Vulnerability Database

290,273

CVE-2010-3832