vendor:
iPhone MobileMail
by:
hdm, kf
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: iPhone MobileMail
Affected Version From: 1
Affected Version To: 1.1.2001
Patch Exists: YES
Related CWE: 2006-3459
CPE: o:apple:iphone_firmware:1.00 cpe:/o:apple:iphone_firmware:1.01 cpe:/o:apple:iphone_firmware:1.02 cpe:/o:apple:iphone_firmware:1.1.1
Platforms Tested: Mac
2006
iPhone MobileMail LibTIFF Buffer Overflow
This module exploits a buffer overflow in the version of libtiff shipped with firmware versions 1.00, 1.01, 1.02, and 1.1.1 of the Apple iPhone. iPhones which have not had the BSD tools installed will need to use a special payload.
Mitigation:
Update to the latest firmware version. Install BSD tools on iPhones that have not had them installed.
