SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Other)  >   Apple iOS Vendors:   Apple
Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Local Users Access Information and Gain Elevated Privileges
SecurityTracker Alert ID:  1032050
SecurityTracker URL:  http://securitytracker.com/id/1032050
CVE Reference:   CVE-2015-1085, CVE-2015-1086, CVE-2015-1087, CVE-2015-1090, CVE-2015-1092, CVE-2015-1094, CVE-2015-1097, CVE-2015-1106, CVE-2015-1107, CVE-2015-1108, CVE-2015-1109, CVE-2015-1110, CVE-2015-1111, CVE-2015-1113, CVE-2015-1114, CVE-2015-1115, CVE-2015-1116, CVE-2015-1123, CVE-2015-1125   (Links to External Site)
Date:  Apr 9 2015
Impact:   Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 8.3
Description:   Multiple vulnerabilities were reported in Apple iOS. A remote user can cause arbitrary code to be executed on the target user's system. A local user can obtain elevated privileges on the target system. A local user can obtain passwords or potentially sensitive information on the target system. A remote user can obtain potentially sensitive information on the target system. A remote user can conduct click-jacking attacks.

An application can access an iOS interface to guess the target user's passcode [CVE-2015-1085].

An application can trigger a metadata validation flaw in IOKit audio driver objects to execute arbitrary code with system privileges [CVE-2015-1086].

A remote user with access to the backup system can exploit a relative path bug in the backup system to access restricted areas of the file system [CVE-2015-1087].

The TaiG Jailbreak Team reported this vulnerability.

The system may not fully delete Safari browsing history due to an error in clearing saved HTTP Strict Transport Security state [CVE-2015-1090].

An application can invoke the NSXMLParser to obtain potentially sensitive information [CVE-2015-1092].

Ikuya Fukumoto reported this vulnerability.

An application can exploit a flaw in IOAcceleratorFamily to determine kernel memory layout [CVE-2015-1094].

Cererdlong of Alibaba Mobile Security Team reported this vulnerability.

An application can exploit a flaw in MobileFrameBuffer to determine kernel memory layout [CVE-2015-1097].

Barak Gabai of the IBM X-Force Application Security Research Team reported this vulnerability.

When a user is using Bluetooth keyboards, QuickType may learn the user's passcode [CVE-2015-1106].

Jarrod Dwenger, Steve Favorito, Paul Reedy of ConocoPhillips, Pedro Tavares of Molecular Biophysics at UCIBIO/FCT/UNL, De Paul Sunny, and Christian Still of Evolve Media, Canada reported this vulnerability.

A physically local user can cause the device to prevent erasure of the system after failed passcode attempts [CVE-2015-1107].

Brent Erickson, Stuart Ryan of University of Technology, Sydney reported this vulnerability.

A physically local user can exceed the maximum number of failed passcode attempts [CVE-2015-1108].

A physically local user may exploit a flaw in VPN configuration logging to recover VPN credentials [CVE-2015-1109].

Josh Tway of IPVanish reported this vulnerability.

When a user downloads a podcast, the system may send unique identifiers to external servers [CVE-2015-1110].

Alex Selivanov reported this vulnerability.

Safari does not clear the 'Recently closed tabs' from the history when browsing history is deleted [CVE-2015-1111].

Frode Moe of LastFriday.no reported this vulnerability.

An application can exploit a flaw in the sandbox profile to access phone numbers or email addresses of recent contacts [CVE-2015-1113].

Andreas Kurtz of NESO Security Labs and Markus TroBbach of Heilbronn University reported this vulnerability.

An application may be able to access hardware identifiers [CVE-2015-1114].

An application can exploit an access control flaw in the telephony subsystem to access restricted functions [CVE-2015-1115].

Andreas Kurtz of NESO Security Labs and Markus TroBbach of Heilbronn University reported this vulnerability.

A UIKit error may fail to blur application snapshots in the Task Switcher. A physically local user may be able to view potentially sensitive information [CVE-2015-1116].

The mobile app team at HP Security Voltage, Aaron Rogers of Mint.com, David Edwards of Tech4Tomorrow, and David Zhang of Dropbox reported this vulnerability.

A remote user can create specially crafted HTML that, when loaded by the target user, will trigger memory corruption errors in WebKit and execute arbitrary code on the target system [CVE-2015-1123].

Randy Luecke and Anoop Menon of Google Inc reported this vulnerability.

A remote user can create specially crafted HTML that, when loaded by the target user, may cause the user to click on a different web site [CVE-2015-1125].

Phillip Moon and Matt Weston of www.sandfield.co.nz reported this vulnerability.

Impact:   A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

An application can obtain elevated privileges on the target system, guess the target user's passcode, and/or obtain potentially sensitive information.

A remote user can obtain potentially sensitive information.

A physically local user can can exceed the maximum number of failed passcode attempts, prevent erasure of the system after failed passcode attempts, view potentially sensitive information, and/or recover VPN credentials.

Solution:   The vendor has issued a fix (8.3).

The vendor's advisory is available at:

https://support.apple.com/kb/HT204661

Vendor URL:  support.apple.com/kb/HT204661 (Links to External Site)
Cause:   Access control error, Input validation error

Message History:   This archive entry has one or more follow-up message(s) listed below.
May 19 2015 (Apple Issues Fix for Apple Watch) Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Local Users Access Information and Gain Elevated Privileges
Apple Computer has issued a fix for Apple Watch.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC