Details of VAR-200906-0057

ID

VAR-200906-0057

CVE

CVE-2009-0960

TITLE

Apple iPhone OS of Mail Vulnerability in component network address detection

Trust: 0.8

sources: JVNDB: JVNDB-2009-001848

DESCRIPTION

The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device address and when an e-mail is read via an HTML email containing an image URL. Apple iPhone and iPod touch are prone to multiple vulnerabilities. Successfully exploiting these issues may allow attackers to bypass security restrictions, obtain sensitive information, or cause denial-of-service conditions. These issues affect the following: iPhone OS 1.0 through 2.2.1 iPhone OS for iPod touch 1.1 through 2.2.1 This BID is being retired. The following individual records have been created to better document these issues: 35433 Apple iPhone and iPod touch MPEG-4 Video Codec Denial of Service Vulnerability 35434 Apple iPhone and iPod touch Mail Client Information Disclosure Weakness 35436 Apple iPhone and iPod touch Configuration Profile Handling Information Disclosure Vulnerability 35425 Apple iPhone Call Approval Dialog Security Bypass Vulnerability 35445 Apple iPhone and iPod touch ICMP Echo Request Remote Denial of Service Vulnerability 35446 Apple iPhone and iPod touch HTMLSelectElement Denial of Service Vulnerability 35447 Apple iPhone and iPod touch Untrusted Certificate Exception Information Disclosure Vulnerability 35448 Apple iPhone and iPod touch Safari Search History Information Disclosure Vulnerability. The server hosting the remote graphics can tell that the mail has been read, as well as the network address of the device

Trust: 2.25

sources: NVD: CVE-2009-0960 // JVNDB: JVNDB-2009-001848 // BID: 35414 // BID: 35434 // VULHUB: VHN-38406

AFFECTED PRODUCTS

vendor:	apple	model:	iphone os	scope:	eq	version:	2.0.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.5	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	2.2	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	2.0.2	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	2.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	2.0	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	2.2.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	2.1.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.4	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	2.0.0	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.3	Trust: 1.0
vendor:	apple	model:	ipod touch	scope:	eq	version:	*	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	*	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	apple	model:	ios	scope:	eq	version:	1.0 to 2.2.1	Trust: 0.8
vendor:	apple	model:	ios for ipod touch	scope:	eq	version:	1.1 to 2.2.1	Trust: 0.8
vendor:	apple	model:	ipod touch	scope:	eq	version:	2.2.1	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	2.0.2	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	2.0.1	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	1.1.4	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	1.1.3	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	1.1.2	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	1.1.1	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	2.2	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	2.1	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	2.0	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	1.1	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	2.2.1	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	2.0.2	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	2.0.1	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	1.1.4	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	1.1.3	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	1.1.2	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	1.1.1	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	1.0.2	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	1.0.1	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	2.2	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	2.1	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	2.0	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	1.1	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	1	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	ne	version:	3.0	Trust: 0.6
vendor:	apple	model:	iphone	scope:	ne	version:	3.0	Trust: 0.6

sources: BID: 35414 // BID: 35434 // JVNDB: JVNDB-2009-001848 // CNNVD: CNNVD-200906-312 // NVD: CVE-2009-0960

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-0960
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2009-0960
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200906-312
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-38406
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2009-0960
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	CVE-2009-0960
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-38406
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-38406 // JVNDB: JVNDB-2009-001848 // CNNVD: CNNVD-200906-312 // NVD: CVE-2009-0960

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-DesignError	Trust: 0.8

sources: JVNDB: JVNDB-2009-001848 // NVD: CVE-2009-0960

THREAT TYPE

network

Trust: 0.6

sources: BID: 35414 // BID: 35434

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200906-312

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-001848

PATCH

title:	HT3639	url:	http://support.apple.com/kb/HT3639	Trust: 0.8
title:	HT3639	url:	http://support.apple.com/kb/HT3639?viewlocale=ja_JP	Trust: 0.8
title:	Apple iPhone Repair measures for information disclosure vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=203143	Trust: 0.6

sources: JVNDB: JVNDB-2009-001848 // CNNVD: CNNVD-200906-312

EXTERNAL IDS

db:	BID	id:	35434	Trust: 2.8
db:	NVD	id:	CVE-2009-0960	Trust: 2.8
db:	VUPEN	id:	ADV-2009-1621	Trust: 2.5
db:	BID	id:	35414	Trust: 2.0
db:	XF	id:	51209	Trust: 0.8
db:	JVNDB	id:	JVNDB-2009-001848	Trust: 0.8
db:	CNNVD	id:	CNNVD-200906-312	Trust: 0.6
db:	VULHUB	id:	VHN-38406	Trust: 0.1

sources: VULHUB: VHN-38406 // BID: 35414 // BID: 35434 // JVNDB: JVNDB-2009-001848 // CNNVD: CNNVD-200906-312 // NVD: CVE-2009-0960

REFERENCES

url:	http://www.securityfocus.com/bid/35434	Trust: 2.5
url:	http://www.vupen.com/english/advisories/2009/1621	Trust: 2.5
url:	http://support.apple.com/kb/ht3639	Trust: 2.0
url:	http://lists.apple.com/archives/security-announce/2009/jun/msg00005.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/35414	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/51209	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0960	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/51209	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0960	Trust: 0.8
url:	http://www.apple.com/iphone/	Trust: 0.6
url:	http://www.apple.com/ipodtouch/	Trust: 0.6

sources: VULHUB: VHN-38406 // BID: 35414 // BID: 35434 // JVNDB: JVNDB-2009-001848 // CNNVD: CNNVD-200906-312 // NVD: CVE-2009-0960

CREDITS

Oskar Lissheim-BoethiusOliver QuasChristian Schmitz

Trust: 0.6

sources: CNNVD: CNNVD-200906-312

SOURCES

db:	VULHUB	id:	VHN-38406
db:	BID	id:	35414
db:	BID	id:	35434
db:	JVNDB	id:	JVNDB-2009-001848
db:	CNNVD	id:	CNNVD-200906-312
db:	NVD	id:	CVE-2009-0960

LAST UPDATE DATE

2025-04-10T22:16:59.263000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-38406	date:	2017-08-17T00:00:00
db:	BID	id:	35414	date:	2009-06-19T23:09:00
db:	BID	id:	35434	date:	2009-06-19T16:19:00
db:	JVNDB	id:	JVNDB-2009-001848	date:	2009-08-06T00:00:00
db:	CNNVD	id:	CNNVD-200906-312	date:	2022-08-10T00:00:00
db:	NVD	id:	CVE-2009-0960	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-38406	date:	2009-06-19T00:00:00
db:	BID	id:	35414	date:	2009-06-17T00:00:00
db:	BID	id:	35434	date:	2009-06-17T00:00:00
db:	JVNDB	id:	JVNDB-2009-001848	date:	2009-08-06T00:00:00
db:	CNNVD	id:	CNNVD-200906-312	date:	2009-06-19T00:00:00
db:	NVD	id:	CVE-2009-0960	date:	2009-06-19T16:30:00.280