This vulnerability is used as an injection vector for the current iPhone 3G and iPhone 3GS unlock payloads (ultrasn0w 0.93). It is present in all baseband versions until 05.13.04.
- Vulnerability: sherif_hashim; also discovered independently by westbaer and by geohot
- Exploitation: iPhone Dev Team
There is a stack overflow in the AT+XAPP="..." command, which allows unsigned code execution on the X-Gold 608. Supplying a string of more than 52 characters triggers the overflow.
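A stack overflow triggered by an over-long string argument is the kind of bug that a length check before the copy prevents. The following is an added example, not code from the baseband firmware or from this page: a bounded parser for the quoted argument, where the function name, the status codes and the use of 52 as the limit are assumptions for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Assumption: 52 comes from the page's "more than 52 characters";
   the real firmware buffer layout is not documented here. */
#define XAPP_MAX_ARG 52

enum xapp_status {
    XAPP_OK = 0,
    XAPP_NOT_XAPP = -1,   /* line is not an AT+XAPP= command */
    XAPP_MALFORMED = -2,  /* bad quoting or trailing data */
    XAPP_TOO_LONG = -3    /* argument longer than the limit or the buffer */
};

/* Copy the quoted argument of AT+XAPP="..." into out (out_len bytes).
   The length is checked before any byte is copied, so an oversized
   argument is rejected instead of being written past the buffer.
   The prefix match is case-sensitive to keep the example short. */
int xapp_parse_arg(const char *line, char *out, size_t out_len)
{
    static const char prefix[] = "AT+XAPP=";
    const size_t plen = sizeof(prefix) - 1;
    const char *start, *end, *p;
    size_t n;

    if (line == NULL || out == NULL || out_len == 0)
        return XAPP_MALFORMED;
    out[0] = '\0';
    if (strncmp(line, prefix, plen) != 0)
        return XAPP_NOT_XAPP;
    start = line + plen;
    if (*start != '"')
        return XAPP_MALFORMED;
    start++;
    end = strchr(start, '"');
    if (end == NULL)
        return XAPP_MALFORMED;
    for (p = end + 1; *p != '\0'; p++)   /* only CR/LF may follow */
        if (*p != '\r' && *p != '\n')
            return XAPP_MALFORMED;
    n = (size_t)(end - start);
    if (n > XAPP_MAX_ARG || n >= out_len)
        return XAPP_TOO_LONG;
    memcpy(out, start, n);
    out[n] = '\0';
    return XAPP_OK;
}
```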
Category: Baseband Exploits