Lucene search

Tenable6589.PRM

HistorySep 24, 2012 - 12:00 a.m.

Apple iOS < 6.0 Multiple Vulnerabilities

2012-09-2400:00:00

Tenable

www.tenable.com

JSON

According to its banner, the remote Apple iOS device is missing a security update. Versions of Apple iOS prior to 6.0 are exposed to the following vulnerabilities :

Numerous memory errors exist related to handling ‘TIFF’, ‘PNG’ and ‘JPEG’ images and ‘ImageIO’ that can allow arbitrary code execution. (CVE-2011-1167, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2012-1173, CVE-2012-3726)
Several issues exist related to ‘CoreGraphics’ and ‘FreeType’ (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129, CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133, CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137, CVE-2012-1138, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141, CVE-2012-1142, CVE-2012-1143, CVE-2012-1144)
Numerous issues exist related to libxml and can lead to application crashes or arbitrary code execution. (CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3919)
A stack-based buffer overflow exists related to ‘locale ID’ and ‘International Components for Unicode’ (ICU). (CVE-2011-4599)
An unitialized memory access issue exists related to ‘Sorenson’ encoded movie files and ‘CoreMedia’. (CVE-2012-3722)
An URL handling issue exists related to ‘CFNetwork’ that can disclose sensitive information. (CVE-2012-3724)
The ‘DNAv4’ protocol discloses sensitive information when connecting to unencrypted Wi-Fi networks. (CVE-2012-3725)
A buffer overflow error exists related to ‘IPSec’ and ‘racoon’ configuration files. (CVE-2012-3727)
An invalid pointer dereference error exists related to the kernel and packet filter ioctls. (CVE-2012-3728)
An uninitialized memory access error exists related to the kernel and the Berkeley Packet Filter interpreter. (CVE-2012-3729)
Several issues exist related to ‘Mail’ and the handling of attachments and ‘S/MIME’ signed messages. (CVE-2012-3730, CVE-2012-3731, CVE-2012-3732)
Information disclosure issues exist related to ‘Messages’, ‘Office Viewer’, system logs, and ‘UIKit’. (CVE-2012-3733, CVE-2012-3734, CVE-2012-3743, CVE-2012-3746)
Memory corruption errors exist related to ‘OpenGL’. (CVE-2011-3457)
Numerous errors exist related to ‘Passcode Lock’. (CVE-2012-3735, CVE-2012-3736, CVE-2012-3737, CVE-2012-3738, CVE-2012-3739, CVE-2012-3740)
An error exists in ‘Restrictions’ that can allow unauthorized purchases. (CVE-2012-3741)
Errors exist in ‘Safari’ that are related to misleading URL characters and password auto complete. (CVE-2012-3742, CVE-2012-0680)
A buffer overflow error exists related to ‘Telephony’ and SMS handling. (CVE-2012-3745)
Many errors exist related to the bundled ‘WebKit’ components. (CVE-2011-2845, CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3078, CVE-2011-3081, CVE-2011-3086, CVE-2011-3089, CVE-2011-3090, CVE-2011-3105, CVE-2011-3913, CVE-2011-3924, CVE-2011-3926, CVE-2011-3958, CVE-2011-3966, CVE-2011-3968, CVE-2011-3969, CVE-2011-3971, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-1521, CVE-2012-2815, CVE-2012-2818, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3598, CVE-2012-3599, CVE-2012-3600, CVE-2012-3601, CVE-2012-3602, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3612, CVE-2012-3613, CVE-2012-3614, CVE-2012-3615, CVE-2012-3617, CVE-2012-3618, CVE-2012-3620, CVE-2012-3624, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3647, CVE-2012-3648, CVE-2012-3650, CVE-2012-3651, CVE-2012-3652, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3658, CVE-2012-3659, CVE-2012-3660, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671, CVE-2012-3672, CVE-2012-3673, CVE-2012-3674, CVE-2012-3676, CVE-2012-3677, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3684, CVE-2012-3686, CVE-2012-3691, CVE-2012-3693, CVE-2012-3695, CVE-2012-3696, CVE-2012-3703, CVE-2012-3704, CVE-2012-3706, CVE-2012-3708, CVE-2012-3710, CVE-2012-3747)

Binary data 6589.prm

VendorProductVersionCPE
appleiphone_oscpe:/o:apple:iphone_os

Vendor	Product	Version	CPE
apple	iphone_os		cpe:/o:apple:iphone_os

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2845

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3016

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3021

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3027

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3032

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3034

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3035

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3036

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3037

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3038

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3039

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3040

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3041

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3042

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3043

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3044

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3050

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3053

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3059

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3060

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3064

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3067

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3068

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3069

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3071

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3073

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3074

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3075

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3076

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3078

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3081

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3086

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3089

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3090

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3105

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3328

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3457

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3913

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3924

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3926

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3958

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3966

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3968

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3969

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3971

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0680

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0682

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0683

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1128

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1140

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1144

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1520

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1521

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2815

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2818

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3589

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3590

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3591

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3592

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3593

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3594

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3595

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3596

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3597

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3598

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3599

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3600

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3601

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3602

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3603

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3604

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3605

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3608

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3609

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3610

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3611

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3612

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3613

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3614

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3615

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3617

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3618

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3620

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3624

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3625

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3626

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3627

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3628

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3629

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3630

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3631

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3633

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3634

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3635

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3636

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3637

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3638

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3639

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3640

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3641

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3642

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3644

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3645

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3646

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3647

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3648

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3650

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3651

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3652

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3653

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3655

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3656

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3658

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3659

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3660

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3661

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3663

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3664

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3665

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3666

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3667

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3668

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3669

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3670

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3671

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3672

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3673

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3674

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3676

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3677

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3678

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3679

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3680

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3681

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3682

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3683

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3684

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3686

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3691

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3693

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3695

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3696

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3703

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3704

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3706

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3708

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3710

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3722

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3724

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3725

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3726

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3727

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3728

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3729

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3730

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3731

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3732

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3733

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3734

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3735

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3736

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3737

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3738

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3739

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3740

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3741

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3742

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3743

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3744

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3745

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3746

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3747

support.apple.com/kb/HT5503

Apple iOS < 6.0 Multiple Vulnerabilities

References

Related