Apple iOS < 4.0 Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 5578

Synopsis

The remote host is missing a critical Apple iOS patch update.

Description

The remote mobile host is a using a version of Apple iOS earlier than 4.0. Such versions are potentially affected by multiple vulnerabilities. Apple iOS 4.0 contains security fixes for the following components :

- Application Sandbox

- CFNetwork

- ImageIO

- LibSystem

- libxml

- Passcode Lock

- Safari

- Settings

- WebKit

Solution

Upgrade to Apple iOS 4.0 or later.

See Also

http://support.apple.com/kb/HT4225

http://lists.apple.com/archives/security-announce//2010/Jun/msg00003.html

Plugin Details

Severity: Critical

ID: 5578

Published: 2010/06/22

Modified: 2016/12/09

Dependencies: 8637

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Patch Publication Date: 2010/06/21

Vulnerability Publication Date: 2010/06/21

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-0689, CVE-2009-1416, CVE-2009-2195, CVE-2009-2414, CVE-2009-2816, CVE-2010-0041, CVE-2010-0042, CVE-2010-0043, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0051, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0544, CVE-2010-1119, CVE-2010-1384, CVE-2010-1387, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406, CVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1723, CVE-2010-1751, CVE-2010-1752, CVE-2010-1753, CVE-2010-1754, CVE-2010-1755, CVE-2010-1756, CVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1761, CVE-2010-1762, CVE-2010-1769, CVE-2010-1774, CVE-2010-1775, CVE-2010-2660

BID: 40750, 41016, 41048, 41049, 41051, 41052, 41053, 41054, 41066, 41067, 41068