icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons

Apple iOS 7.x < 7.0.3 Multiple Vulnerabilities

Low

Synopsis

The remote host is missing a critical Apple iOS patch update.

Description

According to its banner, the remote Apple iOS device is missing a security update. It is, therefore, affected by the following vulnerabilities :

- A NULL de-referencing at the lock screen could allow someone to bypass the lock to make calls to any phone number. (CVE-2013-5144) - A passcode entry may be visible when it should not be, and this may allow an attacker with physical access to brute force the passcode. (CVE-2013-5162) - A race condition may inadvertently allow access to the Contacts pane while the phone is locked. (CVE-2013-5164)

Solution

Upgrade to Apple iOS 7.0.3 or later.