Apple iOS Multiple Vulnerabilities

Last Update Date: 20 Mar 2013 14:58 Release Date: 20 Mar 2013 4240 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

Multiple vulnerabilities have been identified in Apple iOS. A local user can obtain elevated privileges on the target system.

  1. A local user can exploit a flaw in the handling of Mach-O executable files with overlapping segments to execute unsigned code on the target system.
  2. A local user can exploit a flaw in the ARM prefetch abort handling to determine the address of structures in the kernel.
  3. A local user can conduct a symlink attack on files restore by backup using Lockdown to modify permissions on target files.
  4. A local user can exploit a flaw in the IOUSBDeviceFamily driver to execute arbitrary code with kernel level privileges.

Impact

  • Elevation of Privilege
  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Apple iOS version prior to 6.1.3

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • The vendor has issued a fix (iOS 6.1.3) as part of APPLE-SA-2013-03-19-1 iOS 6.1.3.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Ruby on Rails Multiple Vulnerabilities

20 Mar 2013 4029 Views

Next

Samba Active Directory Domain Controller File Permission Vulnerability

20 Mar 2013 4016 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY