HistoryJan 24, 2017 - 12:00 a.m.

Apple iOS < 10.2.1 Multiple Vulnerabilities

2017-01-2400:00:00

www.tenable.com

The version of Apple iOS running on the mobile device is prior to 10.2.1. It is, therefore, affected by multiple vulnerabilities in multiple components, the majority of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these remote code execution vulnerabilities by convincing a user to visit a specially crafted website, resulting in the execution of arbitrary code in the context of the current user. The affected components are as follows :

Auto Unlock
Contacts
Kernel
libarchive
WebKit
WiFi

Binary data apple_ios_1021_check.nbin

VendorProductVersionCPE
appleiphone_oscpe:/o:apple:iphone_os

Vendor	Product	Version	CPE
apple	iphone_os		cpe:/o:apple:iphone_os

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8687

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2350

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2351

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2352

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2354

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2355

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2356

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2360

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2362

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2363

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2364

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2365

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2366

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2368

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2369

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2370

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2371

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2373

www.nessus.org/u?00338fdd

support.apple.com/en-us/HT207482

JSON