CVE-2010-2973: Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allo
info · vulnerability · security
Summary
An integer overflow (a bug where a number gets too large for its storage space, causing unexpected behavior) in IOSurface (a system component that manages graphics memory) affects Apple iOS versions before 4.0.2 on iPhone and iPod touch, and before 3.2.2 on iPad. This vulnerability allows local users (those with access to the device) to gain elevated privileges (higher-level control) through IOSurface properties, as demonstrated by the JailbreakMe exploit.
Solution / Mitigation
Update to iOS 4.0.2 or later on iPhone and iPod touch, or iOS 3.2.2 or later on iPad.
Vulnerability Details
CVSS Score
6.9
EPSS (30-day exploit probability)
EPSS: 0.1%
Classification
Attack Sophistication: Moderate
Taxonomy References
CWE (Weakness Type)
Affected Vendors
Original source: https://nvd.nist.gov/vuln/detail/CVE-2010-2973
First tracked: February 15, 2026 at 08:52 PM
Classified by LLM (prompt v3) · confidence: 95%