8.5 Addendum

Note

Tuesday, February 2, 2010

Since the vulnerability has been fixed and a new version of iPhone OS is available, I released a detailed security advisory on my website today.[89] The bug was assigned CVE-2010-0036. Figure 8-3 shows a timeline of how the vulnerability was addressed.

Timeline from the time I notified Apple until I released a security advisory

Figure 8-3. Timeline from the time I notified Apple until I released a security advisory

Notes

[82]

[83]

[84]

[85]

[86]

[87]

[88]

[89]


[82] See http://en.wikipedia.org/wiki/IOS_jailbreaking.

[83] See http://cydia.saurik.com/.

[84] See “iOS Developer Library: Core Audio Overview” at http://developer.apple.com/library/ios/#documentation/MusicAudio/Conceptual/CoreAudioOverview/Introduction/Introduction.html.

[85] See “iOS Developer Library: Audio Toolbox Framework Reference” at http://developer.apple.com/library/ios/#documentation/MusicAudio/Reference/CAAudioTooboxRef/_index.html.

[86] See http://en.wikipedia.org/wiki/Advanced_Audio_Coding.

[87] See http://ericasadun.com/ftp/EricaUtilities/.

[88] The QuickTime File Format Specification is available at http://developer.apple.com/mac/library/documentation/QuickTime/QTFF/QTFFPreface/qtffPreface.html.

[89] My security advisory that describes the details of the iPhone vulnerability can be found at http://www.trapkit.de/advisories/TKADV2010-002.txt.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.16.147.124