Top

IOS 4.0.2, APPLE

August 11, 2010 by Post Team 

http://kpisp.net/en/ios-4-0-2/17863/Ios 4.0.2 IOS 4.0.2 Apple has released, as expected due to the beta updates. PDF The update fixes the exploit that was used to jailbreak IOS recently published by jailbreakme, JB browser based.

Explains that Apple does not elaborate further on the security fixes until they have thoroughly investigated the matter, but does mention “embedded malicious sources [that] may allow execution of arbitrary code.

The following is from their website:

Available for: IOS 2.0 through 4.0.1 for the iPhone 3G and later, IOS 2.1 to 4.0 for iPod touch (second generation) and later

Impact: Viewing a PDF document with embedded fonts could allow malicious arbitrary code execution

Description: A stack buffer overflow in the handling of FreeType operation code CFF. Viewing a PDF document with embedded fonts could allow malicious execution of arbitrary code. This problem is addressed through improved bounds checking.

IOSurface

CVE-ID: CVE-2010-2973

Available for: IOS 2.0 through 4.0.1 for the iPhone 3G and later, IOS 2.1 to 4.0 for iPod touch (second generation) and later

Impact: The malicious code runs as the user may obtain system privileges

Description: An integer overflow exists in the property management IOSurface, which could allow malicious code runs as the user to obtain system privileges. This problem is addressed through improved bounds checking.

Report to Team

_________________________________________
Please feel free to send if you have any questions regarding this post , you can contact on

usspost@gmail.com

Disclaimer: The views expressed on this site are that of the authors and not necessarily that of U.S.S.POST.

Comments

Comments are closed.

Bottom