CVE-2007-3753

CWE-20Improper Input Validation3 documents3 sources
Severity
7.5HIGH
EPSS
1.3%
top 20.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple IphoneApple Iphone OS
Timeline
PublishedSep 27
Latest updateMay 1

Description

Apple iPhone 1.1.1, with Bluetooth enabled, allows physically proximate attackers to cause a denial of service (application termination) and execute arbitrary code via crafted Service Discovery Protocol (SDP) packets, related to insufficient input validation.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDapple/iphone1.0
NVDapple/iphone_os1.0.1, 1.0.2+1

Patches

Patch: lists.apple.comPatch: lists.apple.com

🔴Vulnerability Details

2
GHSA
GHSA-ww42-ch2p-4w5x: Apple iPhone 12022-05-01
CVEList
CVE-2007-3753: Apple iPhone 12007-09-27
CVE-2007-3753 (HIGH CVSS 7.5) | Apple iPhone 1.1.1 | cvebase.io