Apple iOS Multiple vulnerabilities

Last Update Date: 5 Nov 2012 Release Date: 2 Nov 2012 5625 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

Multiple vulnerabilities have been identified in Apple iOS, which can be exploited by attacker to bypass the screen lock, access potentially sensitive information or compromise a user's system.

  • A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a flaw in WebKit in the handling of JavaScript arrays and execute arbitrary code on the target system
  • A local application can exploit a flaw in certain APIs that return a OSBundleMachOHeaders key to determine kernel addresses, which may facilitate the bypass of addressspace layout randomization protection
  • A physically local user can access Passbook passes without entering a passcode

Impact

  • Denial of Service
  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Apple iOS

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to Apple iOS 6.0.1

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apple Safari Multiple Vulnerabilities

5 Nov 2012 5376 Views

Next

Symantec Antivirus products CAB files Vulnerability

6 Nov 2012 5550 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY