You are here

V-015: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users Bypass the Screen Lock, and Applications Obtain Kernel Address Information

November 2, 2012 - 6:00am

Addthis

PROBLEM:

Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users Bypass the Screen Lock, and Applications Obtain Kernel Address Information

PLATFORM:

Apple iOS prior to 6.0.1

ABSTRACT:

Three vulnerabilities were reported in Apple iOS.

REFERENCE LINKS:

Apple Article: HT5567
SecurityTracker Alert ID:  1027716
Bugtraq ID:  56363
CVE-2012-3748
CVE-2012-3749
CVE-2012-3750

IMPACT ASSESSMENT:

High

DISCUSSION:

A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a flaw in WebKit in the handling of JavaScript arrays and execute arbitrary code on the target system [CVE-2012-3748].

A local application can exploit a flaw in certain APIs that return a OSBundleMachOHeaders key to determine kernel addresses, which may facilitate the bypass of address space layout randomization protection [CVE-2012-3749].

A physically local user can access Passbook passes without entering a passcode [CVE-2012-3750].

IMPACT:

A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

A physically local user can bypass the screen lock to access Passbook passes.

An application can access potentially sensitive information.

SOLUTION:

The vendor has issued a fix (6.0.1).

Addthis