Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: OS (Other) > Apple iOS

Vendors: Apple Computer

Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs

SecurityTracker Alert ID: 1027028

SecurityTracker URL: http://securitytracker.com/id/1027028

CVE Reference: CVE-2012-0672, CVE-2012-0674 (Links to External Site)

Updated: May 10 2012

Original Entry Date: May 7 2012

Impact: Execution of arbitrary code via network, Modification of system information, User access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): prior to 5.1.1; iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2

Description: Two vulnerabilities were reported in Apple iOS. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can spoof the address bar URL.

A remote user can create a specially crafted file that, when loaded by the target user, will trigger a memory corruption error in WebKit and execute arbitrary code on the target system [CVE-2012-0672]. The code will run with the privileges of the target user.

Adam Barth and Abhishek Arya of the Google Chrome Security Team reported this vulnerability.

A remote user can create specially crafted HTML that, when loaded by the target user, will exploit a flaw in Safari and direct the target user to a spoofed site with a URL that appears to be a legitimate domain [CVE-2012-0674]. OS X is not affected.

David Vieira-Kurz of MajorSecurity reported this vulnerability.

Impact: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can spoof the address bar URL.

Solution: The vendor has issued a fix (5.1.1).

The vendor's advisory is available at:

http://support.apple.com/kb/HT5278

Vendor URL: support.apple.com/kb/HT5278 (Links to External Site)

Cause: Access control error, Input validation error

Underlying OS:

Message History: None.

Source Message Contents

Date: Mon, 07 May 2012 20:27:49 +0000
Subject: Apple iOS


Excerpt from: 

APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update

WebKit
Available for:  iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  A memory corruption issue existed in WebKit.
CVE-ID
CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome
Security Team

Safari
Available for:  iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact:  A maliciously crafted website may be able to spoof the
address in the location bar
Description:  A URL spoofing issue existed in Safari. This could be
used in a malicious web site to direct the user to a spoofed site
that visually appeared to be a legitimate domain. This issue is
addressed through improved URL handling. This issue does not affect
OS X systems.
CVE-ID
CVE-2012-0674 : David Vieira-Kurz of MajorSecurity
(majorsecurity.net)

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC