Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 10/09/2009 Updated: 09/08/2022

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS prior to 3.1, and iPhone OS prior to 3.1.1 for iPod touch, allow remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple iphone_os 3.0
apple iphone_os 1.0.2
apple iphone_os 2.2
apple iphone_os
apple iphone_os 1.1.1
apple iphone_os 2.0.0
apple iphone_os 1.1.2
apple iphone_os 1.1.3
apple iphone_os 1.1.0
apple iphone_os 2.0
apple iphone_os 1.0.1
apple iphone_os 2.0.2
apple iphone_os 2.0.1
apple iphone_os 2.2.1
apple iphone_os 1.1.5
apple iphone_os 1.1.4
apple iphone_os 1.0.0
apple iphone_os 2.1.1
apple iphone_os 2.1
apple iphone_os 3.0.1
apple ipod_touch

CWE-119 http://support.apple.com/kb/HT3860 http://secunia.com/advisories/36677 http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html http://www.trapkit.de/advisories/TKADV2009-007.txt http://www.securitytracker.com/id?1022869 http://www.securityfocus.com/bid/36338 https://exchange.xforce.ibmcloud.com/vulnerabilities/53180 http://www.securityfocus.com/archive/1/506464/100/0/threaded https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-2206

Vulnerability Summary

References

Vulmon Search

About

Products

Connect