CVE-2009-2795

Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing."

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html	Mailing List Patch Vendor Advisory
http://secunia.com/advisories/36677	Vendor Advisory
http://support.apple.com/kb/HT3860	Patch Vendor Advisory
http://www.securityfocus.com/bid/36341	Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/53183	VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os::::::ipod_touch::*

History

No history.

Information

Published : 2009-09-10 21:30

Updated : 2024-02-04 17:33

NVD link : CVE-2009-2795

Mitre link : CVE-2009-2795

CVE.ORG link : CVE-2009-2795

JSON object : View

Products Affected

apple

iphone_os

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2009-2795", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-09-10T21:30:01.170", "references": [{"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/36677", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.apple.com/kb/HT3860", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/36341", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53183", "tags": ["VDB Entry"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to \"command parsing.\""}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en el componente Recovery Mode en Apple iPhone OS anterior a v3.1, e iPhone OS anterior a v3.1.1 para iPod touch, permite a usuarios locales evitar el requisito de \"requerir clave\" y acceder a datos de su elecci\u00f3n a trav\u00e9s de vectores relacionados con el \"an\u00e1lisis de comandos\"."}], "lastModified": "2018-11-16T15:38:30.137", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF765D52-58F5-49F1-8323-2EB7EB5006A5", "versionEndExcluding": "3.1"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:ipod_touch:*:*", "vulnerable": true, "matchCriteriaId": "3935C1A3-3488-465C-ADE2-DC6B31365DC0", "versionEndExcluding": "3.1.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}