Vulnerability CVE-2010-0042 - CERT Civis.Net

Vulnerability Name:

CVE-2010-0042 (CCN-56829)

Assigned:

2009-12-15

Published:

2010-03-11

Updated:

2017-09-19

Summary:

ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted TIFF image.
Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html

'ImageIO
CVE-ID: CVE-2010-0042
Available for: Windows 7, Vista, XP
Impact: Visiting a maliciously crafted website may result in sending
data from Safari's memory to the website
Description: An uninitialized memory access issue exists in
ImageIO's handling of TIFF images. Visiting a maliciously crafted
website may result in sending data from Safari's memory to the
website. This issue is addressed through improved memory handling and
additional validation of TIFF images. Credit to Matthew 'j00ru'
Jurczyk of Hispasec for reporting this issue.'
Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html

'Safari 4.0.5 is available via the Apple Software Update application,
or Apple's Safari download site at:
http://www.apple.com/safari/download/'

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2010-0042

Source: APPLE
Type: UNKNOWN
APPLE-SA-2010-03-29-1

Source: APPLE
Type: UNKNOWN
APPLE-SA-2010-03-30-2

Source: APPLE
Type: UNKNOWN
APPLE-SA-2010-11-22-1

Source: APPLE
Type: UNKNOWN
APPLE-SA-2010-06-21-1

Source: APPLE
Type: Vendor Advisory
APPLE-SA-2010-03-11-1

Source: CCN
Type: SA38932
Apple Safari Multiple Vulnerabilities

Source: CCN
Type: SA39135
Apple iTunes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
39135

Source: CCN
Type: SA40257
Apple iOS Multiple Vulnerabilities

Source: CCN
Type: SA42314
Apple iOS Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
42314

Source: CCN
Type: SECTRACK ID: 1023706
Apple Safari Bugs Let Remote Users Cause Arbitrary Code to Be Executed

Source: CCN
Type: Apple Web site
About the security content of Safari 4.0.5

Source: CONFIRM
Type: Vendor Advisory
http://support.apple.com/kb/HT4070

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT4077

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT4105

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT4225

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT4456

Source: CCN
Type: OSVDB ID: 62935
Apple Safari on Windows ImageIO Crafted TIFF File Process Memory Disclosure

Source: BID
Type: Patch
38671

Source: CCN
Type: BID-38671
RETIRED: Apple Safari Prior to 4.0.5 Multiple Security Vulnerabilities

Source: BID
Type: Patch
38677

Source: CCN
Type: BID-38677
Apple Safari TIFF Image Uninitialized Memory Information Disclosure Vulnerability

Source: SECTRACK
Type: UNKNOWN
1023706

Source: XF
Type: UNKNOWN
safari-tiff-info-disclosure(56829)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:7561

Vulnerable Configuration:

Configuration 1:

cpe:/a:apple:safari:4.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.0.0b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.0.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.0.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.0.3:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:*:*:*:*:*:*:*:* (Version <= 4.0.4)

AND

cpe:/o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:apple:iphone_os:2.0.0:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.0.1:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.0.2:-:ipodtouch:*:*:*:*:*

OR cpe:/o:microsoft:windows_7:*:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.1:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.0:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.0.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.0.3:*:*:*:*:*:*:*

OR cpe:/a:apple:itunes:9.0.0:-:windows:*:*:*:*:*

OR cpe:/a:apple:safari:4.0.4:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.1:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.1:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.0:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.1.2:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.1:-:ipodtouch:*:*:*:*:*

AND

cpe:/o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:7561	V	Apple Safari TIFF Image Uninitialized Memory Information Disclosure Vulnerability	2015-06-22