Lucene search

PRIOn knowledge basePRION:CVE-2009-2206

HistorySep 10, 2009 - 9:30 p.m.

Heap overflow

2009-09-1021:30:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.035 Low

EPSS

Percentile

91.3%

JSON

Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table.

CPENameOperatorVersion
iphone_osle3.0.1
iphone_oseq1.0.0
iphone_oseq1.0.1
iphone_oseq1.0.2
iphone_oseq1.1.0
iphone_oseq1.1.1
iphone_oseq1.1.2
iphone_oseq1.1.3
iphone_oseq1.1.4
iphone_oseq1.1.5

Name	Operator	Version
iphone_os	le	3.0.1
iphone_os	eq	1.0.0
iphone_os	eq	1.0.1
iphone_os	eq	1.0.2
iphone_os	eq	1.1.0
iphone_os	eq	1.1.1
iphone_os	eq	1.1.2
iphone_os	eq	1.1.3
iphone_os	eq	1.1.4
iphone_os	eq	1.1.5

Rows per page:

1-10 of 391

References

lists.apple.com/archives/security-announce/2009/Sep/msg00001.html

secunia.com/advisories/36677

support.apple.com/kb/HT3860

www.securityfocus.com/archive/1/506464/100/0/threaded

www.securityfocus.com/bid/36338

www.securitytracker.com/id?1022869

www.trapkit.de/advisories/TKADV2009-007.txt

exchange.xforce.ibmcloud.com/vulnerabilities/53180

8.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.035 Low

EPSS

Percentile

91.3%

JSON

Related for PRION:CVE-2009-2206