SynopsisThe remote mobile host is vulnerable to multiple attack vectors.
DescriptionThe remote mobile host is a using a version of Apple iOS earlier than 3.1. Such versions are potentially affected by multiple issues:
- An issue in WebKit's handling of the parent and top objects could result in cross-site scripting attacks. (CVE-2009-1724)
- A memory corruption issue in WebKits's handling of numeric character references. (CVE-2009-1725)
- The International Domain Name support and Unicode fonts embedded in Safari could be used to create a URL which contains look-alike characters. (CVE-2009-2199)
- A heap buffer overflow exists in the handling of AAC or MP3 files. (CVE-2009-2206)
- Spotlight finds and allows access to deleted messages in Mail folders on the device. (CVE-2009-2207)
- The iPhone OS allows users to specify a 'Require Passcode' setting that may be greater than the 'Maximum Inactivity time lock' setting from Microsoft Exchange servers. (CVE-2009-2794)
- A heap buffer overflow exists in Recovery Mode command parsing. (CVE-2009-2795)
- When a character in a password is deleted, and the deletion is undone, the character is briefly made visible. (CVE-2009-2796)
- Safari includes the user name and password from the original URL in the referer header. (CVE-2009-2797)
- A null pointer dereference issue exists in the handling of SMS arrival notifications. (CVE-2009-2815)
SolutionUpgrade to Apple iOS 3.1 or later.