Apple iOS < 7.1

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The version of iOS running on the mobile device is affected by
multiple vulnerabilities.

Description :

The mobile device is running a version of iOS that is prior to
version 7.1. It is, therefore, affected by vulnerabilities in the
following components :

- Backup
- Certificate Trust Policy
- Configuration Profiles
- CoreCapture
- Crash Reporting
- dyld
- FaceTime
- ImageIO
- IOKit HID Event
- iTunes Store
- Kernel
- Office Viewer
- Photos Backend
- Profiles
- Safari
- Settings - Accounts
- Springboard
- SpringBoard Lock Screen
- TelephonyUI Framework
- USB Host
- Video Driver
- WebKit

See also :

http://support.apple.com/kb/HT6162
http://seclists.org/bugtraq/2014/Mar/53

Solution :

Upgrade to iOS 7.1 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false