Computer Security
[EN] no-pyccku

Apple iOS (iOS) security vulnerabilities
updated since 18.07.2011
SecurityVulns ID:11796
Threat Level:
Description:Privilege escalation, code execution via PDF documents.
Affected:APPLE : Apple iOS 4.3
 APPLE : Apple iOS 4.2
CVE:CVE-2011-0228 (The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 does not check the basicConstraints parameter during validation of X.509 certificate chains, which allows man-in-the-middle attackers to spoof an SSL server by using a non-CA certificate to sign a certificate for an arbitrary domain.)
 CVE-2011-0227 (The queueing primitives in IOMobileFrameBuffer in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 do not properly perform type conversion, which allows local users to gain privileges via a crafted application.)
 CVE-2011-0226 (Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.)
 CVE-2010-3855 (Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.)
Original documentdocumentTrustwave Advisories, TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain (26.07.2011)
 documentAPPLE, APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone (26.07.2011)
 documentAPPLE, APPLE-SA-2011-07-25-1 iOS 4.3.5 Software Update (26.07.2011)
 documentAPPLE, APPLE-SA-2011-07-15-2 iOS 4.2.9 Software Update for iPhone (18.07.2011)
 documentAPPLE, APPLE-SA-2011-07-15-1 iOS 4.3.4 Software Update (18.07.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod