Showing 1 - 1 of 1

CVE-2009-2206

Status Candidate

Overview

Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table.

Related Files

Apple iPhone OS AudioCodecs Heap Buffer Overflow: Posted Sep 15, 2009; Authored by Tobias Klein | Site trapkit.de; The iPhone OS AudioCodecs library contains a heap buffer overflow vulnerability while parsing maliciously crafted AAC or MP3 files. The vulnerability may be exploited by an attacker to execute arbitrary code in the context of an application using the vulnerable library. One attack vector are iPhone ringtones with malformed sample size table entries. It was successfully tested that iTunes uploads such malformed ringtones to the phone.; tags | advisory, overflow, arbitrary; systems | apple, iphone; advisories | CVE-2009-2206; SHA-256 | f5526418de98c9657cbd763047a324da3b927f706fa76dd4b3293e0a4a6b43d0; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 256 files
Jay Turla 150 files
indoushka 149 files
Ubuntu 67 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Debian 24 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,066)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,731)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,807)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

CVE-2009-2206

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems