Apple iOS for iPhone/iPad/iPod touch Privilege Escalation Vulnerability

Apple iOS for iPhone, iPod touch, and iPad is prone to a local privilege-escalation vulnerability that affects the 'IOSurface' component.

Successfully exploiting this issue can allow attackers to elevate privileges, leading to a complete compromise of the device.

iOS versions 4.0.1 and prior are vulnerable.

NOTE (August 12, 2010): This BID was previously titled 'Apple iOS Multiple Vulnerabilities' and included details about a remote code-execution vulnerability. Following further analysis, we determined that the remote code-execution issue was already documented in BID 42241 (FreeType Compact Font Format (CFF) Multiple Stack Based Buffer Overflow Vulnerabilities).


Privacy Statement
Copyright 2010, SecurityFocus