Apple iOS < 4.2 Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 5715

Synopsis

The remote host is missing a critical Apple iOS patch update.

Description

The remote mobile host is a using a version of Apple iOS earlier than 4.2. Such versions are potentially affected by multiple vulnerabilities. Apple iOS 4.2 contains security fixes for the following components :

- Configuration Policies

- CoreGraphics

- FreeType

- iAd Content Display

- ImageIO

- libxml

- Mail

- Networking

- OfficeImport

- Photos

- Safari

- Telephony

- WebKit

- Multiple components

Solution

Upgrade to Apple iOS 4.2 or later.

See Also

http://support.apple.com/kb/HT4456

http://lists.apple.com/archives/security-announce/2010/Nov/msg00003.html

Plugin Details

Severity: Critical

ID: 5715

Published: 2010/11/23

Modified: 2018/09/16

Dependencies: 8637

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Patch Publication Date: 2010/11/22

Vulnerability Publication Date: 2010/11/22

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2010-0042, CVE-2010-0051, CVE-2010-0544, CVE-2010-1205, CVE-2010-1384, CVE-2010-1387, CVE-2010-1392, CVE-2010-1394, CVE-2010-1403, CVE-2010-1405, CVE-2010-1407, CVE-2010-1408, CVE-2010-1410, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1421, CVE-2010-1422, CVE-2010-1707, CVE-2010-1757, CVE-2010-1758, CVE-2010-1764, CVE-2010-1770, CVE-2010-1771, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1791, CVE-2010-1793, CVE-2010-1806, CVE-2010-1807, CVE-2010-1811, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1843, CVE-2010-2249, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808, CVE-2010-3053, CVE-2010-3054, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3786, CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3814, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3827, CVE-2010-3828, CVE-2010-3829, CVE-2010-3830, CVE-2010-3831, CVE-2010-3832, CVE-2010-4008

BID: 38677, 38692, 39958, 40644, 40653, 40656, 40657, 40659, 40663, 40666, 40668, 40670, 40672, 40675, 40697, 40698, 40704, 40710, 40714, 40717, 40732, 40754, 41051, 41053, 41068, 41174, 42034, 42035, 42036, 42037, 42038, 42041, 42044, 42045, 42046, 42048, 42049, 42285, 42621, 42624, 43047, 43049, 43076, 43077, 43078, 43079, 43081, 43083, 44200, 44204, 44206, 44647, 44779, 44784, 44799, 44950, 44952, 44953, 44954, 44955, 44956, 44957, 44958, 44959, 44960, 44961, 44962, 44969, 44970, 44971, 45006, 45007, 45008, 45010, 45011, 45012

IAVA: 2012-A-0073, 2012-A-0153