Apple iPhone Unauthorized tel: Initiation Vulnerability
BID:25854
| Bugtraq ID: | 25854 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-3757 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 27 2007 12:00AM |
| Updated: | Sep 27 2007 12:00AM |
| Credit: | Billy Hoffman and Bryan Sullivan of HP Security Labs (Formerly SPI Labs) and Eduardo Tang are credited with the discovery of this vulnerability. |
| Vulnerable: | Apple iPhone 1.0.1; Apple iPhone 1; Apple iPhone 0 |
| Not Vulnerable: | Apple iPhone 1.1.1 |
Discussion
Apple iPhone is prone to a vulnerability resulting in unauthorized phone calls.
This issue affects the phone's Safari browser.
Attackers may exploit this issue to initiate unauthorized telephone calls to arbitrary phone numbers. Confirmation displayed to the user may indicate a different telephone number than the one that was actually dialed.
NOTE: This issue was initially disclosed along with several other issues in BID 25834 (Apple iPhone 1.1.1 Update Multiple Security Vulnerabilities). Each issue has been assigned its own BID to better document the details.
Versions prior to iPhone 1.1.1 are vulnerable.
Exploit / POC
To exploit this issue, an attacker will have to entice a victim into following a malicious URI.
Solution / Fix
Solution:
A vendor advisory is available to address this issue. Please see the referenced advisory for more information.
Apple iPhone 0
- Apple iTunesSetup.exe: http://www.apple.com/itunes/download/iTunesSetup.exe
Apple iPhone 1
- Apple iTunesSetup.exe: http://www.apple.com/itunes/download/iTunesSetup.exe
Apple iPhone 1.0.1
- Apple iTunesSetup.exe: http://www.apple.com/itunes/download/iTunesSetup.exe
References