You are here

U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses

August 20, 2012 - 7:00am

Addthis

PROBLEM:

Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses

PLATFORM:

Version(s): 6 beta 4 and prior versions

ABSTRACT:

A remote user can spoof SMS source addresses.

Reference LINKS:

SecurityTracker Alert ID: 1027410
Apple.com
PCMag.com
The original advisory

IMPACT ASSESSMENT:

Medum

Discussion:

A vulnerability was reported in Apple iPhone. A remote user can send an SMS message with a specially crafted User Data Header (UDH) value that specifies an alternate reply address. The recipient's iPhone will display the reply address as the source of the SMS.

Impact:

Apple iPhone SMS Processing Flaw Lets Remote Users Spoof

Solution:

No solution was available at the time of this entry.

Addthis