Lucene search

K
nessusTenable700116.PRM
HistoryMay 17, 2017 - 12:00 a.m.

Apple iOS < 10.3.2 Multiple Vulnerabilities

2017-05-1700:00:00
Tenable
www.tenable.com
17

The version of iOS running on the mobile device is prior to 10.3.2, and is affected by multiple vulnerabilities :

  • A use-after-free error exists in the handling of RenderElement objects. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
  • A use-after-free error exists in the handling of RenderLayer objects. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
  • A use-after-free error exists in the handling of RenderInline objects. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
  • A flaw exists that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code.
  • An unspecified flaw exists related to the certificate trust policy that is triggered when handling trust acceptance. This may allow a context-dependent attacker to potentially cause untrusted certificates to be treated as trusted.
  • An unspecified flaw exists in the Safari history menu. With a specially crafted web page, a context-dependent attacker can cause an application denial of service.
  • A logic flaw exists that allows a universal cross-site scripting (UXSS) attack. The issue is triggered when handling WebKit Editor commands. This may allow a context-dependent attacker to create a specially crafted web page that will execute arbitrary script code in a user’s browser session within the trust relationship between their browser and any website.
  • A type confusion flaw exists in SQLite that is triggered as certain input related to ‘snippet’ is not properly validated. With specially crafted web content, a context-dependent attacker can corrupt memory and potentially execute arbitrary code.

This product is also affected by vulnerabilities found in the following components:

  • AVEVideoEncoder
  • CoreAudio
  • CoreFoundation
  • Foundation
  • iBooks
  • IOSurface
  • Kernel
  • TextInput
  • Notifications
  • SQLite
  • WebKit
  • Web Inspector
Binary data 700116.prm
VendorProductVersion
appleiphone_os

References