iPhone 3.0 update (Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities)

Multiple vulnerabilities have been identified in Apple iPhone and iPod touch, which could be exploited by atatckers to bypass security restrictions, gain knowledge of sensitive information, cause a denial of service or compromise a vulnerable system. These issues are caused by buffer overflows, memory corruptions and use-after-free, integer overflows and underflows, uninitialized pointers, implementation and design issues, memory leaks, and input validation errors in CoreGraphics, Exchange, ImageIO, ICU, IPSec, libxml, Mail, MPEG-4 Video Codec, Profiles, Safari, Telephony, and WebKit.

• http://www.vupen.com/english/advisories/2009/1621
• http://secunia.com/advisories/35449/
• http://support.apple.com/kb/HT3639

Vulnerability Identifier

• CVE-2008-2320
• CVE-2008-3281
• CVE-2008-3529
• CVE-2008-3623
• CVE-2008-3651
• CVE-2008-3652
• CVE-2008-4225
• CVE-2008-4226
• CVE-2008-4409
• CVE-2009-0040
• CVE-2009-0145
• CVE-2009-0146
• CVE-2009-0147
• CVE-2009-0153
• CVE-2009-0155
• CVE-2009-0165
• CVE-2009-0945
• CVE-2009-0946
• CVE-2009-0958
• CVE-2009-0959
• CVE-2009-0961
• CVE-2009-1179
• CVE-2009-1679
• CVE-2009-1680
• CVE-2009-1683
• CVE-2009-1684
• CVE-2009-1685
• CVE-2009-1686
• CVE-2009-1687
• CVE-2009-1688
• CVE-2009-1689
• CVE-2009-1690
• CVE-2009-1691
• CVE-2009-1692
• CVE-2009-1693
• CVE-2009-1694
• CVE-2009-1695
• CVE-2009-1697
• CVE-2009-1698
• CVE-2009-1699
• CVE-2009-1700
• CVE-2009-1701
• CVE-2009-1702