Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apple iOS < 3.1.3 Multiple Vulnerabilities

High

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote mobile host is a using a version of Apple iOS earlier than 3.1.3. Such versions are potentially affected by multiple vulnerabilities :

- A buffer overflow exists in the handling of mp4 audio files. (CVE-2010-0036)

- A buffer underflow exists in ImageIO's handling of TIFF images. (CVE-2009-2285)

- A memory corruption issue exists in the handling of a certain USB control message. (CVE-2010-0038)

- Multiple input validation issues exist in WebKit's handling of FTP directory listings. (CVE-2009-3384)

- When WebKit encounters an HTML 5 Media Element pointing to an external resource, it does not issue a resource load callback to determine if the resource should be loaded. (CVE-2009-2841)

Solution

Upgrade to Apple iOS 3.1.3 or later.