Apple iOS Multiple Vulnerabilities

Last Update Date: 14 Nov 2011 Release Date: 11 Nov 2011 5806 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

Multiple Vulnerabilities have been identified in Apple iOS, which can be exploited by malicious people to obtain sensitive information and execute arbitrary code on the affected system.

  1. A remote user can create a specially crafted FreeType font that, when loaded by the target user, will execute arbitrary code on the target user's system.
  2. A remote user can create specially crafted HTML that, when loaded by the target user, will cause libinfo to disclose potentially sensitive information via DNS name lookups.
  3. A physically local user can open an iPad 2 Smart Cover while the device is confirming power off in the locked state to bypass the authentication passcode request.
     

Impact

  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Apple iOS 3.0 through 5.0 for iPhone 3GS, iPhone 4 and iPhone 4S
  • Apple iOS 4.3 through 5.0 for iPad 2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to Apple iOS 5.0.1 via iTunes

Vulnerability Identifier

Source

Related Link

Share with

Previous

ProFTPD Response Pool Use-After-Free Vulnerability

11 Nov 2011 5859 Views

Next

Adobe Flash Player Multiple Vulnerabilities

11 Nov 2011 5993 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY