Apple iOS < 6.0.1 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 6615
SynopsisThe remote host is missing a critical Apple iOS patch update.
DescriptionAccording to its banner, the remote Apple iOS device is missing a security update. It is, therefore, affected by the following vulnerabilities :
- Kernel extension API responses containing an 'OSBundleMachOHeaders' key may include kernel addresses which can aid in further attacks. (CVE-2012-3749)
- The lock screen can provide 'Passbook' data to an attacker having physical device access but not a passcode. (CVE-2012-3750)
- A use-after-free issue in the handling of SVG images in WebKit could lead to arbitrary, remote code execution. (CVE-2012-5112)
SolutionUpgrade to Apple iOS 6.0.1 or later.