Apple iOS < 7.1.1 Multiple Vulnerabilities

High Nessus Plugin ID 73647

Synopsis

The version of iOS running on the mobile device is affected by multiple vulnerabilities.

Description

The mobile device is running a version of iOS that is prior to version 7.1.1. It is, therefore, affected by vulnerabilities in the following components :

- CFNetwork HTTPProtocol
- IOKit Kernel
- Secure Transport
- WebKit

Solution

Upgrade to Apple iOS 7.1.1 or later.

See Also

http://support.apple.com/kb/HT1222

http://www.securityfocus.com/archive/1/531902

Plugin Details

Severity: High

ID: 73647

File Name: apple_ios_711_check.nbin

Version: $Revision: 1.46 $

Type: local

Published: 2014/03/22

Modified: 2018/07/19

Dependencies: 60033

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Required KB Items: mdm/dependency/unlocked

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/04/22

Vulnerability Publication Date: 2013/07/10

Reference Information

CVE: CVE-2013-2871, CVE-2014-1295, CVE-2014-1296, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1320, CVE-2014-1713

BID: 61054, 66242, 66243, 66572, 66573, 66574, 66575, 66576, 66577, 66578, 66579, 66581, 66583, 66585, 66586, 66587, 67024, 67025, 67027

APPLE-SA: APPLE-SA-2014-04-22-2