CVE-2009-2204

{"id": "CVE-2009-2204", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-08-03T18:30:00.343", "references": [{"url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00001.html", "source": "cve@mitre.org"}, {"url": "http://news.cnet.com/8301-1009_3-10278472-83.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/36070", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1022626", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://support.apple.com/kb/HT3754", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.blackhat.com/presentations/bh-usa-09/MILLER/BHUSA09-Miller-FuzzingPhone-PAPER.pdf", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/55687", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/35569", "source": "cve@mitre.org"}, {"url": "http://www.syscan.org/Sg/program.html", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/2105", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el componente CoreTelephony en Apple iPhone anterior a 3.0.1, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n, obtener coordenadas GPS o activar el micr\u00f3fono a trav\u00e9s de un SMS que provoca una corrupci\u00f3n de memoria, como se demostr\u00f3 por Charlie Miller en la SyScan '09 en Singapur."}], "lastModified": "2010-03-30T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F636A8C6-38F5-476B-BBDC-144B70957A72", "versionEndIncluding": "3.0"}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41DB23F0-7226-4D0B-A3FA-A801F02EBA6B"}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7B6D035-38A9-4C0B-9A9D-CAE3BF1CA56D"}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C5B94E7-2C24-4913-B65E-8D8A0DE2B80B"}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E28FB0CB-D636-4F85-B5F7-70EC30053925"}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4AEDE82-E317-4066-A34F-BB3BCD3F53E2"}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EC16D1C-065A-4D1A-BA6E-528A71DF65CC"}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27319629-171F-42AA-A95F-2D71F78097D0"}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F7AEFAB-7BB0-40D8-8BA5-71B374EB69DB"}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "297F9438-0F04-4128-94A8-A504B600929E"}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8618621-F871-4531-9F6C-7D60F2BF8B75"}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "824DED2D-FA1D-46FC-8252-6E25546DAE29"}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1641DDFA-3BF1-467F-8EC3-98114FF9F07B"}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF40CDA4-4716-4815-9ED0-093FE266734C"}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D61644E2-7AF5-48EF-B3D5-59C7B2AD1A58"}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D06D54D-97FD-49FD-B251-CC86FBA68CA6"}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25A5D868-0016-44AB-80E6-E5DF91F15455"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}