RETIRED: Apple iPhone/iPod touch Prior to iOS 4 Multiple Vulnerabilities

Apple iOS for iPhone and iPod touch is prone to multiple security vulnerabilities, including information-disclosure, remote code-execution, denial-of-service, security-bypass, and spoofing issues. These issues affect the Sandbox, CFNetwork, ImageIO, Passcode Lock, Safari, Settings, and WebKit components.

Successfully exploiting these issues may allow attackers to crash the affected device, bypass security restrictions, obtain sensitive information, or execute arbitrary code. Other attacks are also possible.

Versions prior to iOS 4 are vulnerable.

This BID is being retired. The following individual records exist to better document the issues:

41047 Apple iPhone and iPod touch Application Sandbox User Photo Library Security Bypass Vulnerability
41048 Apple iPhone/iPod touch Prior to iOS 4 Wireless Network Security Weakness
41049 Apple iPhone/iPod touch Prior to iOS 4 URI Stack Based Buffer Overflow Vulnerability
41051 WebKit 'history.replaceState' Cross-Origin Information Disclosure Vulnerability
41052 Apple iPhone/iPod touch Prior to iOS 4 JPEG File Buffer Overflow Vulnerability
41053 WebKit 'JavaScriptCore' Page Transition Remote Code Execution Vulnerability
41054 WebKit Table Handling Remote Code Execution Vulnerability
41065 Apple iPhone/iPod touch Prior to iOS 4 Safari Security Bypass Vulnerability
41066 Apple iPhone and iPod touch Race Condition Security Bypass Vulnerability
41067 Apple iPhone/iPod touch Prior to iOS 4 Passcode Lock Authentication Bypass Vulnerability
41068 WebKit User Interface Cross Domain Spoofing Vulnerability


 

Privacy Statement
Copyright 2010, SecurityFocus