Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users Bypass the Screen Lock, and Applications Obtain Kernel Address Information
Apple iOS prior to 6.0.1
Three vulnerabilities were reported in Apple iOS.
A local application can exploit a flaw in certain APIs that return a OSBundleMachOHeaders key to determine kernel addresses, which may facilitate the bypass of address space layout randomization protection [CVE-2012-3749].
A physically local user can access Passbook passes without entering a passcode [CVE-2012-3750].
A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
A physically local user can bypass the screen lock to access Passbook passes.
An application can access potentially sensitive information.