| Vulnerability Name: | CVE-2010-1809 (CCN-61694) | ||||||||
| Assigned: | 2010-09-08 | ||||||||
| Published: | 2010-09-08 | ||||||||
| Updated: | 2022-08-09 | ||||||||
| Summary: | The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||
| Vulnerability Consequences: | Other | ||||||||
| References: | Source: MITRE Type: CNA CVE-2010-1809 Source: APPLE Type: Mailing List, Vendor Advisory APPLE-SA-2010-09-08-1 Source: CCN Type: SA41328 Apple iOS Multiple Vulnerabilities Source: CCN Type: Apple Web site About the security content of iOS 4.1 for iPhone and iPod touch Source: CONFIRM Type: Vendor Advisory http://support.apple.com/kb/HT4334 Source: CCN Type: OSVDB ID: 67927 Apple iOS Accessibility Component on iPhone / iPod Location Services VoiceOver Announcement Unspecified Issue Source: XF Type: Third Party Advisory, VDB Entry appleios-voiceover-weak-security(61694) Source: XF Type: UNKNOWN appleios-voiceover-weak-security(61694) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||