CVE-2009-2206

iPhone OS < 3.1 and iPod touch < 3.1.1 - Remote Code Execution via Crafted AAC or MP3 File

Title source: llm
STIX 2.1

Description

Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table.

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1022869
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/506464/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/53180
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/36338
Patch, Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/36677
Patch, Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT3860

Scores

EPSS 0.0463
EPSS Percentile 90.6%

Details

CWE
CWE-119
Status published
Products (21)
apple/iphone_os 1.0.0
apple/iphone_os 1.0.1
apple/iphone_os 1.0.2
apple/iphone_os 1.1.0
apple/iphone_os 1.1.1
apple/iphone_os 1.1.2
apple/iphone_os 1.1.3
apple/iphone_os 1.1.4
apple/iphone_os 1.1.5
apple/iphone_os 2.0
... and 11 more
Published Sep 10, 2009
Tracked Since Feb 18, 2026