CVE-2009-2795

Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing."
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:ipod_touch:*:*

History

21 Nov 2024, 01:05

Type Values Removed Values Added
References () http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html - Mailing List, Patch, Vendor Advisory () http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html - Mailing List, Patch, Vendor Advisory
References () http://secunia.com/advisories/36677 - Vendor Advisory () http://secunia.com/advisories/36677 - Vendor Advisory
References () http://support.apple.com/kb/HT3860 - Patch, Vendor Advisory () http://support.apple.com/kb/HT3860 - Patch, Vendor Advisory
References () http://www.securityfocus.com/bid/36341 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/36341 - Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/53183 - VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/53183 - VDB Entry

Information

Published : 2009-09-10 21:30

Updated : 2024-11-21 01:05


NVD link : CVE-2009-2795

Mitre link : CVE-2009-2795

CVE.ORG link : CVE-2009-2795


JSON object : View

Products Affected

apple

  • iphone_os
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer