Aug 03
iPhone OS 3.0.1
- CoreTelephony
CVE-ID: CVE-2009-2204
Available for: iPhone OS 1.0 through iPhone OS 3.0
Impact: Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution
Description: A memory corruption issue exists in the decoding of SMS messages. Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution. This update addresses the issue through improved error handling. Credit to Charlie Miller of Independent Security Evaluators, and Collin Mulliner of Technical University Berlin for reporting this issue.
In English:
A security hole which allowed iPhones to be hacked, compromising applications and personal data has been patched.
Leave a Reply
You must be logged in to post a comment.
