Apple iOS 7.x < 7.1.1 Multiple Security Vulnerabilities

Medium

Synopsis

The remote mobile device is running a version of iOS that is missing multiple security updates.

Description

The remote host is an iPhone, iPod Touch, or iPad running a version of iOS that is older than version 7.1.1, which leaves it open to vulnerabilities in the following components:

- Information disclosure of user cookies in CFNetwork HTTPProtocol - Information disclosure of kernel pointers in IOKit Kernel - Potential man-in-the-middle attack via Secure Transport - Memory corruptions in Webkit

Solution

Users should upgrade to 7.1.1 or later.