Vulnerabilities > CVE-2009-2815 - Resource Management Errors vulnerability in Apple Iphone OS
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted SMS message.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Seebug
| bulletinFamily | exploit |
| description | Bugraq ID: 36336 CVE ID:CVE-2009-2815 iPhone是一款苹果公司发布的智能手机。 iPhone处理到知通告的SMS消息存在NULL指针应用错误,发送特殊构建的SMS消息可导致服务中断,造成拒绝服务攻击。 Apple iPhone 3.0.1 Apple iPhone 2.2.1 Apple iPhone 2.0.2 Apple iPhone 2.0.1 Apple iPhone 1.1.4 Apple iPhone 1.1.3 Apple iPhone 1.1.2 Apple iPhone 1.1.1 Apple iPhone 1.0.2 Apple iPhone 1.0.1 Apple iPhone 3.0 Apple iPhone 2.2 Apple iPhone 2.1 Apple iPhone 2.0 Apple iPhone 1.1 Apple iPhone 1 用户可联系供应商获得最新程序Apple iPhone 3.1: http://www.apple.com/iphone/ |
| id | SSV:12276 |
| last seen | 2017-11-19 |
| modified | 2009-09-11 |
| published | 2009-09-11 |
| reporter | Root |
| title | Apple iPhone 3.1之前版本SMS消息NULL指针引用漏洞 |