PT-2009-3543 · Apple · Iphone+2
Collin Mulliner
·
Published
2009-06-19
·
Updated
2022-08-09
·
CVE-2009-0961
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Apple iPhone OS versions 1.0 through 2.2.1
Apple iPhone OS for iPod touch versions 1.1 through 2.2.1
Description
The issue allows remote attackers to potentially force the iPhone to place a call without user approval. This occurs when the Mail component dismisses the call approval dialog upon the appearance of another alert, possibly triggered by an application.
Recommendations
For Apple iPhone OS versions 1.0 through 2.2.1, update to a version outside of this range to resolve the issue.
For Apple iPhone OS for iPod touch versions 1.1 through 2.2.1, update to a version outside of this range to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Iphone
Ios
Ipod Touch