icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Apple iOS < 6.1.3 Multiple Vulnerabilities

High

Synopsis

The remote host is missing a critical Apple iOS patch update.

Description

According to its banner, the remote Apple iOS device is missing a security update. It is, therefore, affected by the following vulnerabilities :

- A state management issue exists in the handling of Mach-O executable files with overlapping segments. (CVE-2013-0977) - An information disclosure issue exists in the ARM prefetch abort handler. (CVE-2013-0978) - When restoring from backup, lockdownd changes permissions on certain files even if the path to the file included a symbolic link. (CVE-2013-0979) - A logic issue exists in the handling of emergency calls from the lock screen. (CVE-2013-0980) - The IOUSBDeviceFamily driver uses pipe object pointers that come from an untrusted source. (CVE-2013-0981) - An invalid cast issue exists in the handling of SVG files. (CVE-2013-0912)

Solution

Upgrade to Apple iOS 6.1.3 or later.