var-200906-0056
Vulnerability from variot
The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input validation issue.". Apple iPhone and iPod touch are prone to multiple vulnerabilities. Successfully exploiting these issues may allow attackers to bypass security restrictions, obtain sensitive information, or cause denial-of-service conditions. These issues affect the following: iPhone OS 1.0 through 2.2.1 iPhone OS for iPod touch 1.1 through 2.2.1 This BID is being retired
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200906-0056",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.5"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.1.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.0.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "1.0 to 2.2.1"
},
{
"model": "ios for ipod touch",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "1.1 to 2.2.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "0"
},
{
"model": "ipod touch",
"scope": "ne",
"trust": 0.6,
"vendor": "apple",
"version": "3.0"
},
{
"model": "iphone",
"scope": "ne",
"trust": 0.6,
"vendor": "apple",
"version": "3.0"
}
],
"sources": [
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35433"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001850"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-311"
},
{
"db": "NVD",
"id": "CVE-2009-0959"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os_for_ipod_touch",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001850"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Oskar Lissheim-BoethiusOliver QuasChristian Schmitz",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200906-311"
}
],
"trust": 0.6
},
"cve": "CVE-2009-0959",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2009-0959",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-38405",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-0959",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-0959",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200906-311",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-38405",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38405"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001850"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-311"
},
{
"db": "NVD",
"id": "CVE-2009-0959"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an \"input validation issue.\". Apple iPhone and iPod touch are prone to multiple vulnerabilities. \nSuccessfully exploiting these issues may allow attackers to bypass security restrictions, obtain sensitive information, or cause denial-of-service conditions. \nThese issues affect the following:\niPhone OS 1.0 through 2.2.1\niPhone OS for iPod touch 1.1 through 2.2.1\nThis BID is being retired",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0959"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001850"
},
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35433"
},
{
"db": "VULHUB",
"id": "VHN-38405"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-0959",
"trust": 2.8
},
{
"db": "BID",
"id": "35433",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "55237",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2009-1621",
"trust": 2.5
},
{
"db": "BID",
"id": "35414",
"trust": 2.0
},
{
"db": "XF",
"id": "51211",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001850",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200906-311",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-38405",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38405"
},
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35433"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001850"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-311"
},
{
"db": "NVD",
"id": "CVE-2009-0959"
}
]
},
"id": "VAR-200906-0056",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-38405"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:06:04.600000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT3639",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT3639"
},
{
"title": "HT3639",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT3639?viewlocale=ja_JP"
},
{
"title": "Apple iPhone Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=203144"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001850"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-311"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38405"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001850"
},
{
"db": "NVD",
"id": "CVE-2009-0959"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/35433"
},
{
"trust": 2.5,
"url": "http://osvdb.org/55237"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"trust": 2.0,
"url": "http://support.apple.com/kb/ht3639"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00005.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/35414"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51211"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0959"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/51211"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0959"
},
{
"trust": 0.6,
"url": "http://www.apple.com/iphone/"
},
{
"trust": 0.6,
"url": "http://www.apple.com/ipodtouch/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38405"
},
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35433"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001850"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-311"
},
{
"db": "NVD",
"id": "CVE-2009-0959"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-38405"
},
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35433"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001850"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-311"
},
{
"db": "NVD",
"id": "CVE-2009-0959"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-06-19T00:00:00",
"db": "VULHUB",
"id": "VHN-38405"
},
{
"date": "2009-06-17T00:00:00",
"db": "BID",
"id": "35414"
},
{
"date": "2009-06-17T00:00:00",
"db": "BID",
"id": "35433"
},
{
"date": "2009-08-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001850"
},
{
"date": "2009-06-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-311"
},
{
"date": "2009-06-19T16:30:00.250000",
"db": "NVD",
"id": "CVE-2009-0959"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-17T00:00:00",
"db": "VULHUB",
"id": "VHN-38405"
},
{
"date": "2009-06-19T23:09:00",
"db": "BID",
"id": "35414"
},
{
"date": "2009-06-19T23:09:00",
"db": "BID",
"id": "35433"
},
{
"date": "2009-08-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001850"
},
{
"date": "2022-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-311"
},
{
"date": "2024-11-21T01:01:20.520000",
"db": "NVD",
"id": "CVE-2009-0959"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35433"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple iPhone OS of MPEG-4 Service disruption in video codecs (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001850"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "35433"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-311"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…