Apple iOS < 5.1 Multiple Vulnerabilities

high Nessus Plugin ID 60028
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

Report iOS devices older than 5.1.

Description

The mobile device is running a version of iOS that is older than version 5.1. Version 5.1 contains numerous security-related fixes for the following vulnerabilities :

- Apple iPhone/iPad/iPod Touch prior to iOS 5.1 Multiple Vulnerabilities (CVE-2012-0641)

- Apple Mac OS X Integer Overflow Vulnerability (CVE-2011-3453)

- Google Chrome prior to 15.0.874.102 Multiple Security Vulnerabilities (CVE-2011-3887)

- WebKit Multiple Unspecified Cross-Site Scripting Vulnerabilities (CVE-2012-0590)

- Google Chrome prior to 13.0.782.215 Multiple Security Vulnerabilities (CVE-2011-2825)

- WebKit Multiple Unspecified Memory Corruption Vulnerabilities (CVE-2011-2833)

- Google Chrome prior to 14.0.835.163 Multiple Security Vulnerabilities (CVE-2011-2846)

- Google Chrome prior to 14.0.835.202 Multiple Security Vulnerabilities (CVE-2011-2877)

- Google Chrome prior to 15.0.874.120 Multiple Security Vulnerabilities (CVE-2011-3897)

- Google Chrome prior to 16.0.912.63 Multiple Security Vulnerabilities (CVE-2011-3908)

- WebKit SVG Tags Use-After-Free Remote Code Execution Vulnerability (CVE-2011-3928)

- Google Chrome prior to 16.0.912.77 Multiple Security Vulnerabilities (CVE-2012-0591)

- WebKit Array.Splice Method Remote Code Execution Vulnerability (CVE-2012-0592)

Solution

Apple has released a set of patches for your iOS-based device.

See Also

https://support.apple.com/en-us/HT202432

Plugin Details

Severity: High

ID: 60028

File Name: apple_ios_51_check.nbin

Version: 1.79

Type: local

Published: 6/19/2012

Updated: 7/12/2021

Dependencies: mdm_dependency_lock.nbin

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Required KB Items: mdm/dependency/unlocked

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/31/2012

Reference Information

CVE: CVE-2011-2825, CVE-2011-2833, CVE-2011-2846, CVE-2011-2847, CVE-2011-2854, CVE-2011-2855, CVE-2011-2857, CVE-2011-2860, CVE-2011-2867, CVE-2011-2868, CVE-2011-2869, CVE-2011-2870, CVE-2011-2871, CVE-2011-2872, CVE-2011-2873, CVE-2011-2877, CVE-2011-3453, CVE-2011-3881, CVE-2011-3885, CVE-2011-3887, CVE-2011-3888, CVE-2011-3897, CVE-2011-3908, CVE-2011-3909, CVE-2011-3928, CVE-2012-0585, CVE-2012-0586, CVE-2012-0587, CVE-2012-0588, CVE-2012-0589, CVE-2012-0590, CVE-2012-0591, CVE-2012-0592, CVE-2012-0593, CVE-2012-0594, CVE-2012-0595, CVE-2012-0596, CVE-2012-0597, CVE-2012-0598, CVE-2012-0599, CVE-2012-0600, CVE-2012-0601, CVE-2012-0602, CVE-2012-0603, CVE-2012-0604, CVE-2012-0605, CVE-2012-0606, CVE-2012-0607, CVE-2012-0608, CVE-2012-0609, CVE-2012-0610, CVE-2012-0611, CVE-2012-0612, CVE-2012-0613, CVE-2012-0614, CVE-2012-0615, CVE-2012-0616, CVE-2012-0617, CVE-2012-0618, CVE-2012-0619, CVE-2012-0620, CVE-2012-0621, CVE-2012-0622, CVE-2012-0623, CVE-2012-0624, CVE-2012-0625, CVE-2012-0626, CVE-2012-0627, CVE-2012-0628, CVE-2012-0629, CVE-2012-0630, CVE-2012-0631, CVE-2012-0632, CVE-2012-0633, CVE-2012-0635, CVE-2012-0641, CVE-2012-0642, CVE-2012-0643, CVE-2012-0644, CVE-2012-0645, CVE-2012-0646

BID: 49279, 49658, 49938, 50360, 50642, 51041, 51641, 51807, 52364, 52365, 52367, 52956, 53148