Apple iOS Multiple Vulnerabilities
Last Update Date:
14 Nov 2011
Release Date:
11 Nov 2011
5850
Views
RISK: High Risk
TYPE: Operating Systems - Mobile & Apps
Multiple Vulnerabilities have been identified in Apple iOS, which can be exploited by malicious people to obtain sensitive information and execute arbitrary code on the affected system.
- A remote user can create a specially crafted FreeType font that, when loaded by the target user, will execute arbitrary code on the target user's system.
- A remote user can create specially crafted HTML that, when loaded by the target user, will cause libinfo to disclose potentially sensitive information via DNS name lookups.
- A physically local user can open an iPad 2 Smart Cover while the device is confirming power off in the locked state to bypass the authentication passcode request.
Impact
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- Apple iOS 3.0 through 5.0 for iPhone 3GS, iPhone 4 and iPhone 4S
- Apple iOS 4.3 through 5.0 for iPad 2
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to Apple iOS 5.0.1 via iTunes
Vulnerability Identifier
Source
Related Link
Share with