Skip to main content

Apple iOS Multiple Vulnerabilities

Last Update Date: 14 Nov 2011 Release Date: 11 Nov 2011 5850 Views

RISK: High Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

Multiple Vulnerabilities have been identified in Apple iOS, which can be exploited by malicious people to obtain sensitive information and execute arbitrary code on the affected system.

  1. A remote user can create a specially crafted FreeType font that, when loaded by the target user, will execute arbitrary code on the target user's system.
  2. A remote user can create specially crafted HTML that, when loaded by the target user, will cause libinfo to disclose potentially sensitive information via DNS name lookups.
  3. A physically local user can open an iPad 2 Smart Cover while the device is confirming power off in the locked state to bypass the authentication passcode request.
     

Impact

  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Apple iOS 3.0 through 5.0 for iPhone 3GS, iPhone 4 and iPhone 4S
  • Apple iOS 4.3 through 5.0 for iPad 2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to Apple iOS 5.0.1 via iTunes

Vulnerability Identifier


Source


Related Link