var-200906-0086
Vulnerability from variot

The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an assertion error related to a "logic issue."

iPhone OS from Apple contains a denial of service (DoS) vulnerability. Masaki Yoshida reported this vulnerability to IPA. JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership. A remote attacker could possibly cause a denial of service (DoS) attack by sending a specially crafted packet.

Apple iPhone and iPod touch are prone to multiple vulnerabilities. Successfully exploiting these issues may allow attackers to bypass security restrictions, obtain sensitive information, or cause denial-of-service conditions.

These issues affect the following:

iPhone OS 1.0 through 2.2.1
iPhone OS for iPod touch 1.1 through 2.2.1

This BID is being retired.

1) Multiple vulnerabilities in CoreGraphics can be exploited by malicious people to compromise a user's system.

For more information: SA32706 SA34291 SA34723 SA35074

2) An error in the handling of untrusted Exchange server certificates can lead to the disclosure of credentials or application data due to the certificate being accepted with no prompt and validation.

3) A vulnerability in ImageIO can be exploited by malicious people to compromise a user's system.

For more information: SA31558 SA32130 SA32773

7) An error in Mail can result in a phone call being initiated without user interaction if an application causes an alert during the call approval dialog.

This is related to vulnerability #11 in: SA32756

8) An input validation error in the handling of MPEG-4 video files can lead to an unexpected device reset.

9) Clearing Safari's history via the Settings application can lead to disclosure of the search history.

11) Some vulnerabilities in WebKit can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or to compromise a user's system.

For more information: SA31326 SA35056 SA35379

12) An error in the separation of JavaScript contexts can be exploited to overwrite the "document.implementation" of an embedded or parent document served from a different security zone.

13) A type conversion error exists in the JavaScript exception handling in WebKit. This can be exploited to corrupt memory when assigning the exception to a variable that is declared as a constant and may allow execution of arbitrary code when a user visits a specially crafted web site.

14) An error in the JavaScript garbage collector implementation can potentially be exploited to corrupt memory and execute arbitrary code.

15) Multiple unspecified errors in the handling of JavaScript objects can potentially be exploited to conduct cross-site scripting attacks.

16) An error in WebKit can be exploited to alter standard JavaScript prototypes of websites served from a different domain.

17) An error in WebKit in the handling of HTMLSelectElement objects can be exploited to cause a device reset.

18) An error in WebKit can be exploited to load and capture an image from another website by using a canvas and a redirect.

19) An error in WebKit allows frames to be accessed by an HTML document after a page transition, which can be exploited to conduct cross-site scripting attacks.

20) An error in the handling of XMLHttpRequest headers in WebKit can be exploited to bypass the same-origin policy.

21) A Use-After-Free error exists in WebKit within the handling of the JavaScript DOM, which can potentially be exploited to execute arbitrary code.

22) An error in WebKit within the handling of Location and History objects can be exploited to conduct cross-site scripting attacks.

PROVIDED AND/OR DISCOVERED BY:
7) Collin Mulliner of Fraunhofer SIT
10) Masaki Yoshida

The vendor credits:
1) * Alin Rad Pop, Secunia Research
   * Will Dormann, CERT/CC
   * Barry K. Nathan
   * Tavis Ormandy, Google Security Team
2) FD of Securus Global
3) Tavis Ormandy, Google Security Team
4) Chris Weber, Casaba Security
8) Si Brindley
9) Joshua Belsky
11) * Thomas Raffetseder International Secure Systems Lab
    * Nils working with the ZDI
    * Michal Zalewski, Google Inc
    * SkyLined, Google Inc
    * Thierry Zoller working with the ZDI and Robert Swiecki of the Google Security Team
    * Chris Evans of Google Inc
12) Dean McNamee, Google Inc
13) Jesse Ruderman, Mozilla Corporation
14) SkyLined of Google Inc
15) Adam Barth of UC Berkeley and Collin Jackson of Stanford University
17) Thierry Zoller, G-SEC
18) Chris Evans
19) Feng Qian, Google Inc
20) Per von Zweigbergk
21) wushi & ling of team509 working with the ZDI
22) Adam Barth and Joel Weinberger of UC Berkeley

CHANGELOG: 2009-06-18: Corrected credits section. Updated vulnerability #7 in "Description" section.

ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3639

JVN: http://jvn.jp/en/jp/JVN87239696/index.html

OTHER REFERENCES: SA31326: http://secunia.com/advisories/31326/

SA31478: http://secunia.com/advisories/31478/

SA31450: http://secunia.com/advisories/31450/

SA31558: http://secunia.com/advisories/31558/

SA32130: http://secunia.com/advisories/32130/

SA32706: http://secunia.com/advisories/32706/

SA32773: http://secunia.com/advisories/32773/

SA33970: http://secunia.com/advisories/33970/

SA34291: http://secunia.com/advisories/34291/

SA34723: http://secunia.com/advisories/34723/

SA35056: http://secunia.com/advisories/35056/

SA35074: http://secunia.com/advisories/35074/

SA35379: http://secunia.com/advisories/35379/

SA35436: http://secunia.com/advisories/35436/




{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200906-0086",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "1.1.4"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "1.1.0"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "2.0.0"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "2.0.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "1.1.3"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "2.0.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "1.1.5"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "1.1.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "1.1.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.2.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "1.0.1"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "*"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "1.0.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "*"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.1.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "1.0.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "1.0 to 2.2.1"
      },
      {
        "model": "ios for ipod touch",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "1.1 to 2.2.1"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.2.1"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.0.2"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.0.1"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.1.4"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.1.3"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.1.2"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.1.1"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.2"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.1"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.2.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.0.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.0.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.1.4"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.1.3"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.1.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.1.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.0.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.0.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ipod touch",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "iphone",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "35414"
      },
      {
        "db": "BID",
        "id": "35445"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-000040"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200906-316"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-1683"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Oskar Lissheim-BoethiusOliver QuasChristian Schmitz",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200906-316"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2009-1683",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2009-000040",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-39129",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2009-1683",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2009-000040",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200906-316",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-39129",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-39129"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-000040"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200906-316"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an assertion error related to a \"logic issue.\". iPhone OS from Apple contains a denial of service (DoS) vulnerability. Masaki Yoshida reported this vulnerability to IPA. JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.A remote attacker could possibly cause a denial of service (DoS) attack by sending a specially crafted packet. Apple iPhone and iPod touch are prone to multiple vulnerabilities. \nSuccessfully exploiting these issues may allow attackers to bypass security restrictions, obtain sensitive information, or cause denial-of-service conditions. \nThese issues affect the following:\niPhone OS 1.0 through 2.2.1\niPhone OS for iPod touch 1.1 through 2.2.1\nThis BID is being retired. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\n1) Multiple vulnerabilities in CoreGraphics can be exploited by\nmalicious people to compromise a user\u0027s system. \n\nFor more information:\nSA32706\nSA34291\nSA34723\nSA35074\n\n2) An error in the handling of untrusted Exchange server certificates\ncan lead to the disclosure of credentials or application data due to\nthe certificate being accepted with no prompt and validation. \n\n3) A vulnerability in ImageIO can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nFor more information:\nSA31558\nSA32130\nSA32773\n\n7) An error in Mail can result in a phone call being initiated\nwithout user interaction if an application causes an alert during the\ncall approval dialog. 
\n\nThis is related to vulnerability #11 in:\nSA32756\n\n8) An input validation error in the handling of MPEG-4 video files\ncan lead to an unexpected device reset. \n\n9) Clearing Safari\u0027s history via the Settings application can lead to\ndisclosure of the search history. \n\n11) Some vulnerabilities in WebKit can be exploited by malicious\npeople to conduct cross-site scripting attacks, disclose sensitive\ninformation, or to compromise a user\u0027s system. \n\nFor more information:\nSA31326\nSA35056\nSA35379\n\n12) An error in the separation of JavaScript contexts can be\nexploited to overwrite the \"document.implementation\" of an embedded\nor parent document served from a different security zone. \n\n13) A type conversion error exists in the JavaScript exception\nhandling in WebKit. This can be exploited to corrupt memory when\nassigning the exception to a variable that is declared as a constant\nand may allow execution of arbitrary code when a user visits a\nspecially crafted web site. \n\n14) An error in the JavaScript garbage collector implementation can\npotentially be exploited to corrupt memory and execute arbitrary\ncode. \n\n15) Multiple unspecified errors in the handling of javascript objects\ncan potentially be exploited to conduct cross-site scripting attacks. \n\n16) An error in WebKit can be exploited to alter standard JavaScript\nprototypes of websites served from a different domain. \n\n17) An error in WebKit in the handling of HTMLSelectElement objects\ncan be exploited to cause a device reset. \n\n18) An error in WebKit can be exploited to load and capture an image\nfrom another website by using a canvas and a redirect. \n\n19) An error in WebKit allows frames to be accessed by an HTML\ndocument after a page transition, which can be exploited to conduct\ncross-site scripting attacks. \n\n20) An error in the handling of XMLHttpRequest headers in WebKit can\nbe exploited to bypass the same-origin policy. 
\n\n21) A Use-After-Free error exists in WebKit within the handling of\nthe JavaScript DOM, which can potentially be exploited to execute\narbitrary code. \n\n22) An error in WebKit within the handling of Location and History\nobjects can be exploited to conduct cross-site scripting attacks. \n\nPROVIDED AND/OR DISCOVERED BY:\n7) Collin Mulliner of Fraunhofer SIT\n10) Masaki Yoshida\n\nThe vendor credits:\n1) * Alin Rad Pop, Secunia Research\n* Will Dormann, CERT/CC\n* Barry K. Nathan\n* Tavis Ormandy, Google Security Team\n2) FD of Securus Global\n3) Tavis Ormandy, Google Security Team\n4) Chris Weber, Casaba Security\n8) Si Brindley\n9) Joshua Belsky\n11) * Thomas Raffetseder International Secure Systems Lab\n* Nils working with the ZDI\n* Michal Zalewski, Google Inc\n* SkyLined, Google Inc\n* Thierry Zoller working with the ZDI and Robert Swiecki of the\nGoogle Security Team\n* Chris Evans of Google Inc\n12) Dean McNamee, Google Inc\n13) Jesse Ruderman, Mozilla Corporation\n14) SkyLined of Google Inc\n15) Adam Barth of UC Berkeley and Collin Jackson of Stanford\nUniversity\n17) Thierry Zoller, G-SEC\n18) Chris Evans\n19) Feng Qian, Google Inc\n20) Per von Zweigbergk\n21) wushi \u0026 ling of team509 working with the ZDI\n22) Adam Barth and Joel Weinberger of UC Berkeley\n\nCHANGELOG:\n2009-06-18: Corrected credits section. Updated vulnerability #7 in\n\"Description\" section. 
\n\nORIGINAL ADVISORY:\nApple:\nhttp://support.apple.com/kb/HT3639\n\nJVN:\nhttp://jvn.jp/en/jp/JVN87239696/index.html\n\nOTHER REFERENCES:\nSA31326:\nhttp://secunia.com/advisories/31326/\n\nSA31478:\nhttp://secunia.com/advisories/31478/\n\nSA31450:\nhttp://secunia.com/advisories/31450/\n\nSA31558:\nhttp://secunia.com/advisories/31558/\n\nSA32130:\nhttp://secunia.com/advisories/32130/\n\nSA32706:\nhttp://secunia.com/advisories/32706/\n\nSA32773:\nhttp://secunia.com/advisories/32773/\n\nSA33970:\nhttp://secunia.com/advisories/33970/\n\nSA34291:\nhttp://secunia.com/advisories/34291/\n\nSA34723:\nhttp://secunia.com/advisories/34723/\n\nSA35056:\nhttp://secunia.com/advisories/35056/\n\nSA35074:\nhttp://secunia.com/advisories/35074/\n\nSA35379:\nhttp://secunia.com/advisories/35379/\n\nSA35436:\nhttp://secunia.com/advisories/35436/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-1683"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-000040"
      },
      {
        "db": "BID",
        "id": "35414"
      },
      {
        "db": "BID",
        "id": "35445"
      },
      {
        "db": "VULHUB",
        "id": "VHN-39129"
      },
      {
        "db": "PACKETSTORM",
        "id": "78519"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-1683",
        "trust": 2.8
      },
      {
        "db": "JVN",
        "id": "JVN87239696",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-000040",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "35414",
        "trust": 2.0
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-1621",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200906-316",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "35445",
        "trust": 0.4
      },
      {
        "db": "SECUNIA",
        "id": "35449",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-39129",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "78519",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-39129"
      },
      {
        "db": "BID",
        "id": "35414"
      },
      {
        "db": "BID",
        "id": "35445"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-000040"
      },
      {
        "db": "PACKETSTORM",
        "id": "78519"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200906-316"
      }
    ]
  },
  "id": "VAR-200906-0086",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-39129"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:52:12.945000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT3639",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht3639"
      },
      {
        "title": "Apple iPhone Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=203139"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-000040"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200906-316"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-000040"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1683"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://jvn.jp/en/jp/jvn87239696/index.html"
      },
      {
        "trust": 2.4,
        "url": "http://support.apple.com/kb/ht3639"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00005.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/35414"
      },
      {
        "trust": 1.7,
        "url": "http://jvndb.jvn.jp/ja/contents/2009/jvndb-2009-000040.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.vupen.com/english/advisories/2009/1621"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1683"
      },
      {
        "trust": 0.8,
        "url": "http://www.ipa.go.jp/security/english/vuln/200906_iphone_en.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1683"
      },
      {
        "trust": 0.6,
        "url": "http://www.apple.com/iphone/"
      },
      {
        "trust": 0.6,
        "url": "http://www.apple.com/ipodtouch/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/34291/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/33970/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/32773/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/34723/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35074/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/32706/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/31450/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35379/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/31558/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35056/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35449/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35436/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/31326/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/32130/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/31478/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-39129"
      },
      {
        "db": "BID",
        "id": "35414"
      },
      {
        "db": "BID",
        "id": "35445"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-000040"
      },
      {
        "db": "PACKETSTORM",
        "id": "78519"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200906-316"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-39129"
      },
      {
        "db": "BID",
        "id": "35414"
      },
      {
        "db": "BID",
        "id": "35445"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-000040"
      },
      {
        "db": "PACKETSTORM",
        "id": "78519"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200906-316"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-06-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-39129"
      },
      {
        "date": "2009-06-17T00:00:00",
        "db": "BID",
        "id": "35414"
      },
      {
        "date": "2009-06-17T00:00:00",
        "db": "BID",
        "id": "35445"
      },
      {
        "date": "2009-06-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-000040"
      },
      {
        "date": "2009-06-18T07:29:46",
        "db": "PACKETSTORM",
        "id": "78519"
      },
      {
        "date": "2009-06-19T16:30:00.360000",
        "db": "NVD",
        "id": "CVE-2009-1683"
      },
      {
        "date": "2009-06-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200906-316"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-03-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-39129"
      },
      {
        "date": "2009-06-19T23:09:00",
        "db": "BID",
        "id": "35414"
      },
      {
        "date": "2009-06-19T21:29:00",
        "db": "BID",
        "id": "35445"
      },
      {
        "date": "2009-06-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-000040"
      },
      {
        "date": "2022-08-09T13:48:58.903000",
        "db": "NVD",
        "id": "CVE-2009-1683"
      },
      {
        "date": "2022-08-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200906-316"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "35414"
      },
      {
        "db": "BID",
        "id": "35445"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "iPhone OS denial of service (DoS) vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-000040"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200906-316"
      }
    ],
    "trust": 0.6
  }
}


Sightings

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.