Apple iOS Multiple vulnerabilities
Last Update Date:
5 Nov 2012
Release Date:
2 Nov 2012
5770
Views
RISK: High Risk
TYPE: Operating Systems - Mobile & Apps
Multiple vulnerabilities have been identified in Apple iOS, which can be exploited by attacker to bypass the screen lock, access potentially sensitive information or compromise a user's system.
- A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a flaw in WebKit in the handling of JavaScript arrays and execute arbitrary code on the target system
- A local application can exploit a flaw in certain APIs that return a OSBundleMachOHeaders key to determine kernel addresses, which may facilitate the bypass of addressspace layout randomization protection
- A physically local user can access Passbook passes without entering a passcode
Impact
- Denial of Service
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- Apple iOS
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to Apple iOS 6.0.1
Vulnerability Identifier
Source
Related Link
Share with