Apple iOS < 5.1.1 Multiple Vulnerabilities

This script is Copyright (C) 2012-2017 Tenable Network Security, Inc.

Synopsis :

Report iOS devices older than 5.1.1.

Description :

The mobile device is running a version of iOS that is older than
version 5.1.1. Version 5.1.1 contains numerous security-related fixes
for the following vulnerabilities :

- Attackers can use a vulnerability in WebKit to perform
cross-site scripting attacks, possibly leaking data such
as cookies, user information, and passwords.
(CVE-2011-3046, CVE-2011-3056)

- A remote code execution vulnerability in WebKit could
allow a malicious site to run code on the host iOS
device giving the attacker access to critical data on
the phone.(CVE-2012-0672)

- Vulnerabilities in Safari can allow malicious sites to
spoof the address in the address bar of the browser.
This attack allows an attacker to redirect victims to a
malicious site without the user's ability to notice.

See also :

Solution :

Apple has released a set of patches for your iOS-based device.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true

Family: Mobile Devices

Nessus Plugin ID: 60027 ()

Bugtraq ID: 52369

CVE ID: CVE-2011-3046

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now