ID

VAR-200908-0273


CVE

CVE-2009-2204


TITLE

Arbitrary code execution vulnerability in SMS message processing in Apple iPhone OS

Trust: 0.8

sources: JVNDB: JVNDB-2009-001969

DESCRIPTION

Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore.

The Apple iPhone SMS application is prone to a remote code-execution vulnerability. Failed attacks will result in denial-of-service conditions. Very few details are available regarding this issue. We will update this BID as more information emerges.

UPDATE (July 30, 2009): This BID was originally titled "Apple iPhone SMS Application Denial of Service Vulnerability"; it has been updated to reflect newly released information.

Versions prior to iPhone OS 3.0.1 are vulnerable. Apple iPhone is a smartphone made by Apple.

TITLE: Apple iPhone SMS Message Decoding Vulnerability

SECUNIA ADVISORY ID: SA36070

VERIFY ADVISORY: http://secunia.com/advisories/36070/

DESCRIPTION: A vulnerability has been reported in Apple iPhone, which can be exploited by malicious people to compromise a user's system.

SOLUTION: Update to version 3.0.1.

PROVIDED AND/OR DISCOVERED BY: The vendor credits Charlie Miller of Independent Security Evaluators, and Collin Mulliner of Technical University Berlin.

CHANGELOG: 2009-08-03: Added link to "Original Advisory" section.

ORIGINAL ADVISORY:
Apple: http://support.apple.com/kb/HT3754
Charlie Miller and Collin Mulliner: http://www.blackhat.com/presentations/bh-usa-09/MILLER/BHUSA09-Miller-FuzzingPhone-PAPER.pdf

Trust: 2.07

sources: NVD: CVE-2009-2204 // JVNDB: JVNDB-2009-001969 // BID: 35569 // VULHUB: VHN-39650 // PACKETSTORM: 79896

AFFECTED PRODUCTS

vendor: apple, model: iphone os, scope: eq, version: 1.1

Trust: 1.6

vendor: apple, model: iphone os, scope: eq, version: 1.1.0

Trust: 1.6

vendor: apple, model: iphone os, scope: eq, version: 1.0.0

Trust: 1.6

vendor: apple, model: iphone os, scope: eq, version: 1.1.2

Trust: 1.6

vendor: apple, model: iphone os, scope: eq, version: 1.0.2

Trust: 1.6

vendor: apple, model: iphone os, scope: eq, version: 1.1.1

Trust: 1.6

vendor: apple, model: iphone os, scope: eq, version: 1.1.3

Trust: 1.6

vendor: apple, model: iphone os, scope: eq, version: 1.0

Trust: 1.6

vendor: apple, model: iphone os, scope: eq, version: 1.0.1

Trust: 1.6

vendor: apple, model: iphone os, scope: eq, version: 1.1.5

Trust: 1.0

vendor: apple, model: iphone os, scope: eq, version: 2.0

Trust: 1.0

vendor: apple, model: iphone os, scope: lte, version: 3.0

Trust: 1.0

vendor: apple, model: iphone os, scope: eq, version: 1.1.4

Trust: 1.0

vendor: apple, model: iphone os, scope: eq, version: 2.0.0

Trust: 1.0

vendor: apple, model: iphone os, scope: eq, version: 2.0.2

Trust: 1.0

vendor: apple, model: iphone os, scope: eq, version: 2.0.1

Trust: 1.0

vendor: apple, model: iphone os, scope: eq, version: 2.1

Trust: 1.0

vendor: apple, model: ios, scope: eq, version: 1.0 to 3.0

Trust: 0.8

vendor: apple, model: iphone os, scope: eq, version: 3.0

Trust: 0.6

vendor: apple, model: iphone, scope: eq, version: 2.2.1

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 2.0.2

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 2.0.1

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 1.1.4

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 1.1.3

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 1.1.2

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 1.1.1

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 1.0.2

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 1.0.1

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 3.0

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 2.2

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 2.1

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 2.0

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 1.1

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 1

Trust: 0.3

vendor: apple, model: iphone, scope: ne, version: 3.0.1

Trust: 0.3

sources: BID: 35569 // JVNDB: JVNDB-2009-001969 // CNNVD: CNNVD-200908-023 // NVD: CVE-2009-2204

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-2204
value: HIGH

Trust: 1.0

NVD: CVE-2009-2204
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200908-023
value: CRITICAL

Trust: 0.6

VULHUB: VHN-39650
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2009-2204
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-39650
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-39650 // JVNDB: JVNDB-2009-001969 // CNNVD: CNNVD-200908-023 // NVD: CVE-2009-2204

PROBLEMTYPE DATA

problemtype: NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2009-2204

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200908-023

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200908-023

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-001969

PATCH

title: HT3754, url: http://support.apple.com/kb/HT3754

Trust: 0.8

title: HT3754, url: http://support.apple.com/kb/HT3754?viewlocale=ja_JP

Trust: 0.8

sources: JVNDB: JVNDB-2009-001969

EXTERNAL IDS

db: NVD, id: CVE-2009-2204

Trust: 2.8

db: BID, id: 35569

Trust: 2.8

db: SECUNIA, id: 36070

Trust: 2.6

db: VUPEN, id: ADV-2009-2105

Trust: 2.5

db: SECTRACK, id: 1022626

Trust: 2.5

db: OSVDB, id: 55687

Trust: 2.5

db: JVNDB, id: JVNDB-2009-001969

Trust: 0.8

db: APPLE, id: APPLE-SA-2009-07-31-1

Trust: 0.6

db: CNNVD, id: CNNVD-200908-023

Trust: 0.6

db: VULHUB, id: VHN-39650

Trust: 0.1

db: PACKETSTORM, id: 79896

Trust: 0.1

sources: VULHUB: VHN-39650 // BID: 35569 // JVNDB: JVNDB-2009-001969 // PACKETSTORM: 79896 // CNNVD: CNNVD-200908-023 // NVD: CVE-2009-2204

REFERENCES

url:http://www.securityfocus.com/bid/35569

Trust: 2.5

url:http://www.osvdb.org/55687

Trust: 2.5

url:http://securitytracker.com/id?1022626

Trust: 2.5

url:http://secunia.com/advisories/36070

Trust: 2.5

url:http://www.vupen.com/english/advisories/2009/2105

Trust: 2.5

url:http://support.apple.com/kb/ht3754

Trust: 2.1

url:http://www.blackhat.com/presentations/bh-usa-09/miller/bhusa09-miller-fuzzingphone-paper.pdf

Trust: 2.1

url:http://lists.apple.com/archives/security-announce/2009/jul/msg00001.html

Trust: 1.7

url:http://news.cnet.com/8301-1009_3-10278472-83.html

Trust: 1.7

url:http://www.syscan.org/sg/program.html

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2204

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2204

Trust: 0.8

url:http://www.h-online.com/security/alledged-critical-security-vulnerability-in-iphone-sms-application--/news/113680

Trust: 0.3

url:http://www.forbes.com/2009/07/28/hackers-iphone-apple-technology-security-hackers.html

Trust: 0.3

url:http://www.apple.com/iphone/

Trust: 0.3

url:http://news.zdnet.com/2100-9595_22-326501.html?tag=nl.e539

Trust: 0.3

url:http://secunia.com/advisories/36070/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/business_solutions/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-39650 // BID: 35569 // JVNDB: JVNDB-2009-001969 // PACKETSTORM: 79896 // CNNVD: CNNVD-200908-023 // NVD: CVE-2009-2204

CREDITS

Charlie Miller, Collin Mulliner

Trust: 0.6

sources: CNNVD: CNNVD-200908-023

SOURCES

db: VULHUB, id: VHN-39650
db: BID, id: 35569
db: JVNDB, id: JVNDB-2009-001969
db: PACKETSTORM, id: 79896
db: CNNVD, id: CNNVD-200908-023
db: NVD, id: CVE-2009-2204

LAST UPDATE DATE

2025-04-10T22:56:31.995000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-39650, date: 2010-03-30T00:00:00
db: BID, id: 35569, date: 2009-07-31T20:05:00
db: JVNDB, id: JVNDB-2009-001969, date: 2009-09-04T00:00:00
db: CNNVD, id: CNNVD-200908-023, date: 2009-08-21T00:00:00
db: NVD, id: CVE-2009-2204, date: 2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db: VULHUB, id: VHN-39650, date: 2009-08-03T00:00:00
db: BID, id: 35569, date: 2009-07-02T00:00:00
db: JVNDB, id: JVNDB-2009-001969, date: 2009-09-04T00:00:00
db: PACKETSTORM, id: 79896, date: 2009-08-04T12:12:38
db: CNNVD, id: CNNVD-200908-023, date: 2009-07-02T00:00:00
db: NVD, id: CVE-2009-2204, date: 2009-08-03T18:30:00.343