CVE-2010-3832
Summary
| CVE | CVE-2010-3832 |
|---|---|
| State | PUBLISHED |
| Assigner | apple |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-11-26 20:00:03 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity (TMSI) field. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:M/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Apple | Ipad | All | All | All | All |
| Operating System | Apple | Iphone Os | All | All | All | All |
| Operating System | Apple | Iphone Os | 1.0.0 | All | All | All |
| Operating System | Apple | Iphone Os | 1.0.1 | All | All | All |
| Operating System | Apple | Iphone Os | 1.0.2 | All | All | All |
| Operating System | Apple | Iphone Os | 1.1.0 | All | All | All |
| Operating System | Apple | Iphone Os | 1.1.1 | All | All | All |
| Operating System | Apple | Iphone Os | 1.1.2 | All | All | All |
| Operating System | Apple | Iphone Os | 1.1.3 | All | All | All |
| Operating System | Apple | Iphone Os | 1.1.4 | All | All | All |
| Operating System | Apple | Iphone Os | 1.1.5 | All | All | All |
| Operating System | Apple | Iphone Os | 2.0 | All | All | All |
| Operating System | Apple | Iphone Os | 2.0.0 | All | All | All |
| Operating System | Apple | Iphone Os | 2.0.1 | All | All | All |
| Operating System | Apple | Iphone Os | 2.0.2 | All | All | All |
| Operating System | Apple | Iphone Os | 2.1 | All | All | All |
| Operating System | Apple | Iphone Os | 2.1.1 | All | All | All |
| Operating System | Apple | Iphone Os | 2.2 | All | All | All |
| Operating System | Apple | Iphone Os | 2.2.1 | All | All | All |
| Operating System | Apple | Iphone Os | 3.0 | All | All | All |
| Operating System | Apple | Iphone Os | 3.0.1 | All | All | All |
| Operating System | Apple | Iphone Os | 3.1 | All | All | All |
| Operating System | Apple | Iphone Os | 3.1.2 | All | All | All |
| Operating System | Apple | Iphone Os | 3.1.3 | All | All | All |
| Operating System | Apple | Iphone Os | 3.2 | All | All | All |
| Operating System | Apple | Iphone Os | 3.2.1 | All | All | All |
| Operating System | Apple | Iphone Os | 3.2.2 | All | All | All |
| Operating System | Apple | Iphone Os | 4.0 | All | All | All |
| Operating System | Apple | Iphone Os | 4.0.1 | All | All | All |
| Operating System | Apple | Iphone Os | 4.0.2 | All | All | All |
| Operating System | Apple | Iphone Os | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| About the security content of iOS 4.2 | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | Patch, Vendor Advisory |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| SecurityTracker.com Archives - Apple iOS Heap Overflow in Processing GSM TMSI Data Lets Remote Users Execute Arbitrary Code | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| APPLE-SA-2010-11-22-1 iOS 4.2 | af854a3a-2127-422b-91ae-364da2661108 | lists.apple.com | Vendor Advisory |
| Apple iOS Multiple Vulnerabilities - Advisories - Community | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.