Skip to main content

Apple iOS Multiple vulnerabilities

Last Update Date: 5 Nov 2012 Release Date: 2 Nov 2012 5770 Views

RISK: High Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

Multiple vulnerabilities have been identified in Apple iOS, which can be exploited by attacker to bypass the screen lock, access potentially sensitive information or compromise a user's system.

  • A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a flaw in WebKit in the handling of JavaScript arrays and execute arbitrary code on the target system
  • A local application can exploit a flaw in certain APIs that return a OSBundleMachOHeaders key to determine kernel addresses, which may facilitate the bypass of addressspace layout randomization protection
  • A physically local user can access Passbook passes without entering a passcode

Impact

  • Denial of Service
  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Apple iOS

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to Apple iOS 6.0.1

Vulnerability Identifier


Source


Related Link