Report iOS devices older than 6.1.
The mobile device is running a version of iOS that is older than
version 6.1. This version contains security-related fixes for the
following issues :
- An error related to 'EUC-JP' encoding could allow cross-
site scripting attacks. (CVE-2011-3058)
- An out-of-bounds read error exists related to 802.11i
information handling that could allow remote attackers
to disable WiFi. (CVE-2012-2619)
- An error exists related to certificate-based
'Apple ID' authentication that could allow improper
trust extension. (CVE-2013-0963)
- An error exists related to the 'copyin' and 'copyout'
functions that could allow a user-mode process to access
the first page of kernel memory. (CVE-2013-0964)
- An error exists related to Mobile Safari
to be enabled after a user has disabled it.
- Many errors exist related to the bundled 'WebKit'
components. (CVE-2012-2824, CVE-2012-2857,
CVE-2012-2889, CVE-2012-3606, CVE-2012-3607,
CVE-2012-3621, CVE-2012-3632, CVE-2012-3687,
CVE-2012-3701, CVE-2013-0948, CVE-2013-0949,
CVE-2013-0950, CVE-2013-0951, CVE-2013-0952,
CVE-2013-0953, CVE-2013-0954, CVE-2013-0955,
CVE-2013-0956, CVE-2013-0958, CVE-2013-0959,
- Two intermediate certificates, improperly issued by
TURKTRUST certificate authority, are incorrectly
See also :
Apple has released a set of patches for iOS-based devices.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false