CVE-2009-2795: Buffer Overflow
First published: Thu Sep 10 2009(Updated: )
Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| iPhone OS | <3.1 | |
| Apple iPhone OS | <3.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2009-2795?
CVE-2009-2795 is classified as a high severity vulnerability due to its potential to allow unauthorized access to sensitive data.
How do I fix CVE-2009-2795?
To fix CVE-2009-2795, update your Apple iPhone OS to version 3.1 or later, or iPod touch OS to version 3.1.1 or later.
What systems are affected by CVE-2009-2795?
CVE-2009-2795 affects Apple iPhone OS versions prior to 3.1 and iPod touch OS versions prior to 3.1.1.
What type of vulnerability is CVE-2009-2795?
CVE-2009-2795 is a heap-based buffer overflow vulnerability that allows local users to bypass the passcode requirement.
What are the risks associated with CVE-2009-2795?
The risks of CVE-2009-2795 include unauthorized access to arbitrary data, which can lead to privacy breaches and data theft.
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/iphone os
- canonical/apple iphone os