|
Apple iPhone / iPod touch Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA35449
|
|
|
Release Date:
|
2009-06-18
|
|
Last Update:
|
2009-07-23
|
|
Popularity:
|
4,001 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
Security Bypass
Cross Site Scripting
Exposure of sensitive information
DoS
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Apple iPhone
Apple iPod touch
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Some vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), disclose sensitive information, conduct cross-site scripting and cross-site request forgery attacks, or compromise a user's system.
1) Multiple vulnerabilities in CoreGraphics can be exploited by malicious people to compromise a user's system.
For more information:
SA32706
SA34291
SA34723
SA35074
2) An error in the handling of untrusted Exchange server certificates can lead to the disclosure of credentials or application data due to the certificate being accepted with no prompt and validation.
3) A vulnerability in ImageIO can be exploited by malicious people to compromise a user's system.
For more information:
SA33970
4) A vulnerability in International Components for Unicode can be exploited by malicious people to bypass certain security restrictions.
For more information:
SA35436
5) Some vulnerabilities in IPSec can be exploited by malicious people to cause a DoS (Denial of Service).
For more information:
SA31478
SA31450
6) Some vulnerabilities in libxml2 can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
For more information:
SA31558
SA32130
SA32773
7) An error in Mail can result in a phone call being initiated without user interaction if an application causes an alert during the call approval dialog.
This is related to vulnerability #11 in:
SA32756
8) An input validation error in the handling of MPEG-4 video files can lead to an unexpected device reset.
9) Clearing Safari's history via the Settings application can lead to disclosure of the search history.
10) An assertion error in the handling of ICMP echo request packets can be exploited to cause a device reset via a specially crafted ICMP echo request.
11) Some vulnerabilities in WebKit can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or to compromise a user's system.
For more information:
SA31326
SA35056
SA35379
12) An error in the separation of JavaScript contexts can be exploited to overwrite the "document.implementation" of an embedded or parent document served from a different security zone.
13) A type conversion error exists in the JavaScript exception handling in WebKit. This can be exploited to corrupt memory when assigning the exception to a variable that is declared as a constant and may allow execution of arbitrary code when a user visits a specially crafted web site.
14) An error in the JavaScript garbage collector implementation can potentially be exploited to corrupt memory and execute arbitrary code.
15) Multiple unspecified errors in the handling of javascript objects can potentially be exploited to conduct cross-site scripting attacks.
16) An error in WebKit can be exploited to alter standard JavaScript prototypes of websites served from a different domain.
17) An error in WebKit in the handling of HTMLSelectElement objects can be exploited to cause a device reset.
18) An error in WebKit can be exploited to load and capture an image from another website by using a canvas and a redirect.
19) An error in WebKit allows frames to be accessed by an HTML document after a page transition, which can be exploited to conduct cross-site scripting attacks.
20) An error in the handling of XMLHttpRequest headers in WebKit can be exploited to bypass the same-origin policy.
21) A Use-After-Free error exists in WebKit within the handling of the JavaScript DOM, which can potentially be exploited to execute arbitrary code.
22) An error in WebKit within the handling of Location and History objects can be exploited to conduct cross-site scripting attacks.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
