Apple iOS < 5.1 Multiple Vulnerabilities

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

Report iOS devices older than 5.1.

Description :

The mobile device is running a version of iOS that is older than
version 5.1. Version 5.1 contains numerous security-related fixes for
the following vulnerabilities :

- Apple iPhone/iPad/iPod Touch prior to iOS 5.1 Multiple
Vulnerabilities (CVE-2012-0641)

- Apple Mac OS X Integer Overflow Vulnerability
(CVE-2011-3453)

- Google Chrome prior to 15.0.874.102 Multiple Security
Vulnerabilities (CVE-2011-3887)

- WebKit Multiple Unspecified Cross-Site Scripting
Vulnerabilities (CVE-2012-0590)

- Google Chrome prior to 13.0.782.215 Multiple Security
Vulnerabilities (CVE-2011-2825)

- WebKit Multiple Unspecified Memory Corruption
Vulnerabilities (CVE-2011-2833)

- Google Chrome prior to 14.0.835.163 Multiple Security
Vulnerabilities (CVE-2011-2846)

- Google Chrome prior to 14.0.835.202 Multiple Security
Vulnerabilities (CVE-2011-2877)

- Google Chrome prior to 15.0.874.120 Multiple Security
Vulnerabilities (CVE-2011-3897)

- Google Chrome prior to 16.0.912.63 Multiple Security
Vulnerabilities (CVE-2011-3908)

- WebKit SVG Tags Use-After-Free Remote Code Execution
Vulnerability (CVE-2011-3928)

- Google Chrome prior to 16.0.912.77 Multiple Security
Vulnerabilities (CVE-2012-0591)

- WebKit Array.Splice Method Remote Code Execution
Vulnerability (CVE-2012-0592)

See also :

http://support.apple.com/kb/HT5192

Solution :

Apple has released a set of patches for your iOS-based device.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true