fkie_cve-2011-3430
Vulnerability from fkie_nvd
Published
2011-10-14 10:55
Modified
2025-04-11 00:51
Severity ?
Summary
The Settings component in Apple iOS before 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for attackers to have an unspecified impact by leveraging incorrect configuration display.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | iphone_os | 3.0 | |
| apple | iphone_os | 3.1 | |
| apple | iphone_os | 3.1 | |
| apple | iphone_os | 3.1 | |
| apple | iphone_os | 3.1.2 | |
| apple | iphone_os | 3.1.3 | |
| apple | iphone_os | 3.2 | |
| apple | iphone_os | 3.2 | |
| apple | iphone_os | 3.2.1 | |
| apple | iphone_os | 3.2.1 | |
| apple | iphone_os | 3.2.2 | |
| apple | iphone_os | 4.0 | |
| apple | iphone_os | 4.0 | |
| apple | iphone_os | 4.0 | |
| apple | iphone_os | 4.0.1 | |
| apple | iphone_os | 4.0.1 | |
| apple | iphone_os | 4.0.1 | |
| apple | iphone_os | 4.0.2 | |
| apple | iphone_os | 4.1 | |
| apple | iphone_os | 4.2.1 | |
| apple | iphone_os | 4.2.5 | |
| apple | iphone_os | 4.2.8 | |
| apple | iphone_os | 4.3.0 | |
| apple | iphone_os | 4.3.1 | |
| apple | iphone_os | 4.3.2 | |
| apple | iphone_os | 4.3.3 | |
| apple | iphone_os | 4.3.5 | |
| apple | iphone_os | 4.3.5 | |
| apple | iphone_os | 4.3.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.0:-:iphone:*:*:*:*:*",
"matchCriteriaId": "A066B59B-D5C8-4AA8-9CC7-5D34F4AB88AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "51D3BE2B-5A01-4AD4-A436-0056B50A535D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.1:-:iphone:*:*:*:*:*",
"matchCriteriaId": "E357722F-4976-4E47-BFB5-709480BAE267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.1:-:ipodtouch:*:*:*:*:*",
"matchCriteriaId": "F43A6FEC-ECA9-44A4-AD00-FDC6F3990DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.1.2:-:iphone:*:*:*:*:*",
"matchCriteriaId": "7CA92907-90C9-4BD6-8EE8-8FA6298C3D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.1.3:-:iphone:*:*:*:*:*",
"matchCriteriaId": "220590DA-2B6A-4FC9-B456-3053EED9D96E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.2:-:iphone:*:*:*:*:*",
"matchCriteriaId": "3FE3CDE8-6497-445E-A845-8A1C2A4EDEB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.2:-:ipodtouch:*:*:*:*:*",
"matchCriteriaId": "9E4D3134-28BC-4C30-A9B0-559338FBBDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A939B80-0AD0-48AF-81A7-370716F56639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.2.1:-:ipad:*:*:*:*:*",
"matchCriteriaId": "98C41674-370B-4CF0-817B-3843D93A10DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D28528CE-4943-4F82-80C0-A629DA3E6702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12E22AF0-2B66-425A-A1EE-4F0E3B0433E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.0:-:iphone:*:*:*:*:*",
"matchCriteriaId": "954CDDCB-AC22-448D-8ECA-CFA4DBA1BC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.0:-:ipodtouch:*:*:*:*:*",
"matchCriteriaId": "54FECD66-4216-43FC-9959-B8EA9545449C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB34ECBE-33E8-40E1-936B-7800D2525AE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:-:iphone:*:*:*:*:*",
"matchCriteriaId": "ECE983F6-A597-4581-A254-80396B54F2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:-:ipodtouch:*:*:*:*:*",
"matchCriteriaId": "586C0CB3-98E5-4CB3-8F23-27F01233D6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "107C59BE-D8CF-4A17-8DFB-BED2AB12388D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36C86BB9-0328-4E34-BC2B-47B3471EC262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A54A8681-2D8A-4B0B-A947-82F3CE1FB03C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E0070D83-2E27-4DA8-8D10-A6A697216F36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8C9ACA63-4528-4090-B1EA-1FE57A6B0555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7252935C-E421-4339-B61F-0299E28888DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD342BF-096A-4082-B700-19629F2BDE87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "93141AB6-26F2-4C6D-95B3-D383EABB4034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D5C61FF-7CD3-410A-94F2-5DE701466B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "28A01C87-B02A-4239-8340-B396D0E6B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.3.5:-:ipad:*:*:*:*:*",
"matchCriteriaId": "396634C5-774C-4131-B927-3CAD239EF0B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:4.3.5:-:ipodtouch:*:*:*:*:*",
"matchCriteriaId": "64FF0F29-B3C2-4BDC-89FF-DBEDE87D64A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Settings component in Apple iOS before 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for attackers to have an unspecified impact by leveraging incorrect configuration display."
},
{
"lang": "es",
"value": "Los componente Settings en Apple iOS anterior a la 5, cuando un perfil de configuraci\u00f3n se utiliza para una configuraci\u00f3n regional distinta de Ingl\u00e9s, no aplica correctamente la localizaci\u00f3n, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes producir un impacto no especificado mediante un aprovechamiento de la pantalla de configuraci\u00f3n incorrecta."
}
],
"id": "CVE-2011-3430",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-10-14T10:55:10.853",
"references": [
{
"source": "product-security@apple.com",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
},
{
"source": "product-security@apple.com",
"url": "http://osvdb.org/76330"
},
{
"source": "product-security@apple.com",
"url": "http://support.apple.com/kb/HT4999"
},
{
"source": "product-security@apple.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/76330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70560"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…