CVE-2009-0959

Name of the Vulnerable Software and Affected Versions Apple iPhone OS versions 1.0 through 2.2.1 Apple iPhone OS for iPod touch versions 1.1 through 2.2.1

Description The issue is related to the MPEG-4 video codec, which allows remote attackers to cause a denial of service, resulting in a device reset. This is achieved through a crafted MPEG-4 video file that triggers an input validation issue.

Recommendations For Apple iPhone OS versions 1.0 through 2.2.1, update to a version outside of this range to resolve the issue. For Apple iPhone OS for iPod touch versions 1.1 through 2.2.1, update to a version outside of this range to resolve the issue. As a temporary workaround, consider avoiding the use of the MPEG-4 video codec until a patch is available.