Vulnerability Name:

CVE-2007-5450 (CCN-37186)

Assigned:2007-10-11
Published:2007-10-11
Updated:2022-08-09
Summary:Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a denial of service (application crash), and enable filesystem browsing by the local user, via a certain TIFF file.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
8.0 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
8.0 High (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2007-5450

Source: CCN
Type: SA27213
Apple iPod touch / iPhone TIFF Image Processing Vulnerability

Source: SECUNIA
Type: Vendor Advisory
27213

Source: CCN
Type: Apple Web site
iPhone

Source: CCN
Type: OSVDB ID: 38527
Apple iTouch / iPhone TIFF Image Handling Privilege Escalation

Source: CCN
Type: Toc2rta Blog, 2007-10-10 23:51
The iPhone / iTouch tif exploit is now officially released!

Source: MISC
Type: UNKNOWN
http://www.toc2rta.com/?q=node/23

Source: VUPEN
Type: UNKNOWN
ADV-2007-3485

Source: XF
Type: UNKNOWN
iphone-ipod-tiff-code-execution(37186)

Source: XF
Type: UNKNOWN
iphone-ipod-tiff-code-execution(37186)

Source: EXPLOIT-DB
Type: UNKNOWN
4522

Vulnerable Configuration:Configuration 1:
  • cpe:/o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:1.1.1:*:*:*:*:*:*:*
  • AND
  • cpe:/a:apple:safari:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:1.1.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows_xp:*:*:*:*:home:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:professional:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    apple iphone os 1.1.1
    apple ipod touch 1.1.1
    apple safari *
    apple iphone 1.1.1
    apple ipod touch 1.1.1
    microsoft windows xp *
    microsoft windows xp * sp2
    microsoft windows vista *
    apple mac os x 10.4.10