Multiple vulnerabilities in iOS

Posted: November 3, 2012 in Vulnerabilities
Tags: , ,

Vulnerability

vulnerabilities in iOS

Vulnerability: Multiple vulnerabilities in iOS

Danger: High
Patch: Yes
Number of vulnerabilities: 4
CVE ID: CVE-2012-3748
CVE-2012-3749
CVE-2012-3750
CVE-2012-5112

Impact:
– Disclosure of system information;
– Bypass Security;
– Compromise of the system.

Affected products:- Apple iOS 6.x for iPhone 3GS and Lattre;
– Apple iOS for iPad 6.x;
– Apple iOS for iPod touch 6.x.
Affected versions:- Apple iOS versions up to 6.0.1 for iPhone 3GS and later
– Apple iOS versions up to 6.0.1 for iPad
– Apple iOS versions up to 6.0.1 for iPod touch

Description:

Which can be exploited by malicious people to compromise a vulnerable system.

1. An error in the processing of certain core API. This can be exploited to disclose OSBundleMachOHeaders key.

2. An error in the component lock passwords. A remote user can gain access to sensitive data in the Passbook.

3. Operating system contains a vulnerable version of WebKit. More information is available at:
https://malwarelist.wordpress.com/2012/11/03/multiple-vulnerabilities-in-apple-safari/

Manufacturer URL: http://apple.com/

Solution: To resolve the vulnerability install the product, version 6.0.1 from the manufacturer.

links:

http://support.apple.com/kb/HT5567

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s