Apple iOS < 3.1.3 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 5337
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote mobile host is a using a version of Apple iOS earlier than 3.1.3. Such versions are potentially affected by multiple vulnerabilities :
- A buffer overflow exists in the handling of mp4 audio files. (CVE-2010-0036)
- A buffer underflow exists in ImageIO's handling of TIFF images. (CVE-2009-2285)
- A memory corruption issue exists in the handling of a certain USB control message. (CVE-2010-0038)
- Multiple input validation issues exist in WebKit's handling of FTP directory listings. (CVE-2009-3384)
- When WebKit encounters an HTML 5 Media Element pointing to an external resource, it does not issue a resource load callback to determine if the resource should be loaded. (CVE-2009-2841)
SolutionUpgrade to Apple iOS 3.1.3 or later.