Vulnerability Description
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user approval by causing an application to trigger an alert.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Iphone Os | 1.0.0 |
| Apple | Ipod Touch | All versions |
References
- http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.htmlVendor Advisory
- http://osvdb.org/55238
- http://support.apple.com/kb/HT3639PatchVendor Advisory
- http://www.securityfocus.com/bid/35414
- http://www.vupen.com/english/advisories/2009/1621
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51210
- http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.htmlVendor Advisory
- http://osvdb.org/55238
- http://support.apple.com/kb/HT3639PatchVendor Advisory
- http://www.securityfocus.com/bid/35414
- http://www.vupen.com/english/advisories/2009/1621
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51210
FAQ
What is CVE-2009-0961?
CVE-2009-0961 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers...
How severe is CVE-2009-0961?
CVE-2009-0961 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0961?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Iphone Os, Apple Ipod Touch.