Tuesday, February 2, 2010
Since the vulnerability has been fixed and a new version of iPhone OS is available, I released a detailed security advisory on my website today.[89] The bug was assigned CVE-2010-0036. Figure 8-3 shows a timeline of how the vulnerability was addressed.
[83] See http://cydia.saurik.com/.
[84] See “iOS Developer Library: Core Audio Overview” at http://developer.apple.com/library/ios/#documentation/MusicAudio/Conceptual/CoreAudioOverview/Introduction/Introduction.html.
[85] See “iOS Developer Library: Audio Toolbox Framework Reference” at http://developer.apple.com/library/ios/#documentation/MusicAudio/Reference/CAAudioTooboxRef/_index.html.
[88] The QuickTime File Format Specification is available at http://developer.apple.com/mac/library/documentation/QuickTime/QTFF/QTFFPreface/qtffPreface.html.
[89] My security advisory that describes the details of the iPhone vulnerability can be found at http://www.trapkit.de/advisories/TKADV2010-002.txt.
3.16.147.124