Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing."
References
Link | Resource |
---|---|
http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html | Mailing List Patch Vendor Advisory |
http://secunia.com/advisories/36677 | Vendor Advisory |
http://support.apple.com/kb/HT3860 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/36341 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/53183 | VDB Entry |
http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html | Mailing List Patch Vendor Advisory |
http://secunia.com/advisories/36677 | Vendor Advisory |
http://support.apple.com/kb/HT3860 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/36341 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/53183 | VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:05
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html - Mailing List, Patch, Vendor Advisory | |
References | () http://secunia.com/advisories/36677 - Vendor Advisory | |
References | () http://support.apple.com/kb/HT3860 - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/36341 - Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/53183 - VDB Entry |
Information
Published : 2009-09-10 21:30
Updated : 2024-11-21 01:05
NVD link : CVE-2009-2795
Mitre link : CVE-2009-2795
CVE.ORG link : CVE-2009-2795
JSON object : View
Products Affected
apple
- iphone_os
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer