Apple iOS < 7.1 Multiple Vulnerabilities

High Nessus Plugin ID 72907

Synopsis

The version of iOS running on the mobile device is affected by multiple vulnerabilities.

Description

The mobile device is running a version of iOS that is prior to version 7.1. It is, therefore, affected by vulnerabilities in the following components :

- Backup
- Certificate Trust Policy
- Configuration Profiles
- CoreCapture
- Crash Reporting
- dyld
- FaceTime
- ImageIO
- IOKit HID Event
- iTunes Store
- Kernel
- Office Viewer
- Photos Backend
- Profiles
- Safari
- Settings - Accounts
- Springboard
- SpringBoard Lock Screen
- TelephonyUI Framework
- USB Host
- Video Driver
- WebKit

Solution

Upgrade to Apple iOS 7.1 or later.

See Also

https://support.apple.com/en-us/HT202935

https://seclists.org/bugtraq/2014/Mar/53

Plugin Details

Severity: High

ID: 72907

File Name: apple_ios_71_check.nbin

Version: 1.49

Type: local

Published: 2014/03/10

Modified: 2018/11/15

Dependencies: 60033

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Required KB Items: mdm/dependency/unlocked

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/03/10

Vulnerability Publication Date: 2012/07/22

Reference Information

CVE: CVE-2012-2088, CVE-2013-2909, CVE-2013-2926, CVE-2013-2928, CVE-2013-3948, CVE-2013-5133, CVE-2013-5196, CVE-2013-5197, CVE-2013-5198, CVE-2013-5199, CVE-2013-5225, CVE-2013-5227, CVE-2013-5228, CVE-2013-6625, CVE-2013-6629, CVE-2013-6635, CVE-2013-6835, CVE-2014-1252, CVE-2014-1267, CVE-2014-1269, CVE-2014-1270, CVE-2014-1271, CVE-2014-1272, CVE-2014-1273, CVE-2014-1274, CVE-2014-1275, CVE-2014-1276, CVE-2014-1278, CVE-2014-1280, CVE-2014-1281, CVE-2014-1282, CVE-2014-1285, CVE-2014-1286, CVE-2014-1287, CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, CVE-2014-1294, CVE-2014-2019

BID: 54270, 63024, 63028, 63672, 63676, 64354, 64355, 64356, 64358, 64359, 64360, 64361, 64362, 65113, 65779, 65780, 65781, 66087, 66088, 66089, 66108

APPLE-SA: APPLE-SA-2014-03-10-1