Vulnerability: Multiple vulnerabilities in iOS
Danger: High
Patch: Yes
Number of vulnerabilities: 4
CVE ID: CVE-2012-3748
CVE-2012-3749
CVE-2012-3750
CVE-2012-5112
Impact:
– Disclosure of system information;
– Bypass Security;
– Compromise of the system.
Affected products:- Apple iOS 6.x for iPhone 3GS and Lattre; – Apple iOS for iPad 6.x; – Apple iOS for iPod touch 6.x. |
Affected versions:- Apple iOS versions up to 6.0.1 for iPhone 3GS and later – Apple iOS versions up to 6.0.1 for iPad – Apple iOS versions up to 6.0.1 for iPod touch |
Description:
Which can be exploited by malicious people to compromise a vulnerable system.
1. An error in the processing of certain core API. This can be exploited to disclose OSBundleMachOHeaders key.
2. An error in the component lock passwords. A remote user can gain access to sensitive data in the Passbook.
3. Operating system contains a vulnerable version of WebKit. More information is available at:
https://malwarelist.wordpress.com/2012/11/03/multiple-vulnerabilities-in-apple-safari/
Manufacturer URL: http://apple.com/
Solution: To resolve the vulnerability install the product, version 6.0.1 from the manufacturer.
links: