CVE-2009-2204

N/A Unknown
Published: August 03, 2009 Modified: April 23, 2026
View on NVD

Description

Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.apple.com/archives/security-announce/2009/Jul/msg00001.html
Source: cve@mitre.org
http://news.cnet.com/8301-1009_3-10278472-83.html
Source: cve@mitre.org
http://secunia.com/advisories/36070
Source: cve@mitre.org
Vendor Advisory
http://securitytracker.com/id?1022626
Source: cve@mitre.org
Patch
http://support.apple.com/kb/HT3754
Source: cve@mitre.org
Vendor Advisory
http://www.blackhat.com/presentations/bh-usa-09/MILLER/BHUSA09-Miller-FuzzingPhone-PAPER.pdf
Source: cve@mitre.org
Exploit
http://www.osvdb.org/55687
Source: cve@mitre.org
http://www.securityfocus.com/bid/35569
Source: cve@mitre.org
http://www.syscan.org/Sg/program.html
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2009/2105
Source: cve@mitre.org
Patch Vendor Advisory
http://lists.apple.com/archives/security-announce/2009/Jul/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://news.cnet.com/8301-1009_3-10278472-83.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/36070
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://securitytracker.com/id?1022626
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://support.apple.com/kb/HT3754
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.blackhat.com/presentations/bh-usa-09/MILLER/BHUSA09-Miller-FuzzingPhone-PAPER.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.osvdb.org/55687
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/35569
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.syscan.org/Sg/program.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/2105
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory

20 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
18.7%
95th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

apple