CVE-2009-2795

Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing."

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html	Mailing List Patch Vendor Advisory
http://secunia.com/advisories/36677	Vendor Advisory
http://support.apple.com/kb/HT3860	Patch Vendor Advisory
http://www.securityfocus.com/bid/36341	Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/53183	VDB Entry

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os::::::ipod_touch::*

Information

Published : 2009-09-10 14:30

Updated : 2018-11-16 07:38

NVD link : CVE-2009-2795

Mitre link : CVE-2009-2795

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

Products Affected

apple

iphone_os

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html", "name": "APPLE-SA-2009-09-09-1", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "refsource": "APPLE"}, {"url": "http://secunia.com/advisories/36677", "name": "36677", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://support.apple.com/kb/HT3860", "name": "http://support.apple.com/kb/HT3860", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/36341", "name": "36341", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53183", "name": "ipod-iphone-recoverymode-bo(53183)", "tags": ["VDB Entry"], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to \"command parsing.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-2795", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2009-09-10T21:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "3.1"}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:ipod_touch:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "3.1.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-11-16T15:38Z"}