فا

‫ Apple iOS Multiple Vulnerabilities

IRCAD2014033187
ID: IRCAD2014033187
Release Date: 2014-03-11
Criticality level: Highly critical
Software:

Apple iOS 7.x for iPhone 4 and later

Apple iOS for iPad 7.x

Apple iOS for iPod touch 7.x

Description:

Two weaknesses, a security issue, and multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people with physical access to bypass certain security restrictions and compromise a vulnerable device and by malicious people to conduct spoofing attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a vulnerable device.

1) The Configuration Profiles component does not properly verify expiration dates of mobile configuration profiles.

2) An error exists when handling code signature validation of text relocation instructions in dynamic libraries within the dyld component, which can be exploited to bypass certain code signing requirements.

3) An error exists when handling FaceTime calls from the lock screen within the FaceTime component, which can be exploited to access otherwise restricted FaceTime contacts.

4) An error exists when handling JPEG2000 images in PDF files within the ImageIO component, which can be exploited to cause a buffer overflow via a specially crafted PDF file.

5) An error related to libtiff exists within the ImageIO component.

6) An error related to libjpeg exists within the ImageIO component.

7) An error exists when handling application downloads via the Enterprise App Download within the iTunes Store component, which can be exploited to spoof an application download via Man-in-the-Middle (MitM) attacks.

8) An error exists within the Office Viewer component.

9) An error exists within the Safari component.

10) The TelephonyUI Framework component does not properly restrict access to facetime-audio:// URLs, which can be exploited to perform an otherwise restricted FaceTime audio call without user interaction.

11) An error exists when handling USB messages within the USB Host component, which can be exploited to cause memory corruption.

12) Multiple errors exist within the WebKit component.

13) An unspecified error within the WebKit component can be exploited to corrupt memory.

14) Another unspecified error within the WebKit component can be exploited to corrupt memory.

15) Multiple other unspecified errors within the WebKit component can be exploited to corrupt memory.

Successful exploitation of the vulnerabilities #4, #5, #8, and #‫12 through #‫15 and weakness #‫11 may allow execution of arbitrary code.

The weaknesses, security issue, and vulnerabilities are reported in versions prior to 7.1 running on iPhone 4 and later, iPod touch (5th generation) and later, and iPad 2 and later.

Solution
Update to version 7.1.
References:
APPLE-SA-2014-03-10-1:
Guillaume Ross:
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 27 اسفند 1392

امتیاز

امتیاز شما
تعداد امتیازها: 0