Apple iOS < 6.1.3 Multiple Vulnerabilities

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.

Synopsis :

Report iOS devices older than 6.1.3.

Description :

The mobile device is running a version of iOS that is older than
version 6.1.3. This version contains security-related fixes for the
following issues :

- A state management error exists related to 'Mach-O'
files and overlapping segments that could allow
execution of unsigned code. (CVE-2013-0977)

- An error exists related to the ARM prefetch abort
handler that could allow disclosure of sensitive
information. (CVE-2013-0978)

- An error exists related to 'lockdownd' and file
permissions restrictions. (CVE-2013-0979)

- An error exists related to screen locking that could
allow unauthorized access. (CVE-2013-0980)

- An error exists related to IOUSBDeviceFamily driver used
pipe object pointers that could allow execution of
arbitrary code. (CVE-2013-0981)

- A variable casting error exists related to the bundled
'WebKit' component and SVG handling. (CVE-2013-0912)

See also :

Solution :

Apple has released a set of patches for iOS-based devices.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: Mobile Devices

Nessus Plugin ID: 65633 ()

Bugtraq ID: 57967

CVE ID: CVE-2013-0912

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now