Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses
|
|
SecurityTracker Alert ID: 1027410 |
|
SecurityTracker URL: http://securitytracker.com/id/1027410
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Aug 18 2012
|
Impact:
Modification of system information
|
Exploit Included: Yes
|
Version(s): 6 beta 4 and prior versions
|
Description:
A vulnerability was reported in Apple iPhone. A remote user can spoof SMS source addresses.
A remote user can send an SMS message with a specially crafted User Data Header (UDH) value that specifies an alternate reply address. The recipient's iPhone will display the reply address as the source of the SMS.
The original advisory is available at:
http://pod2g-ios.blogspot.co.uk/2012/08/never-trust-sms-ios-text-spoofing.html
pod2g reported this vulnerability.
|
Impact:
A remote user can spoof SMS source addresses.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.apple.com/ (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Sat, 18 Aug 2012 03:20:24 +0000
Subject: Apple iPhone
|
http://pod2g-ios.blogspot.co.uk/2012/08/never-trust-sms-ios-text-spoofing.html
|
|
