Impact: A person with physical access to a locked iPad 2 may be able to access some of the user's dataĭescription: When a Smart Cover is opened while iPad 2 is confirming power off in the locked state, the iPad does not request a passcode. When resolving a maliciously crafted hostname, libinfo could return an incorrect result.ĬVE-2011-3441 : Erling Ellingsen of Facebook, Per Johansson of Blocket ABĪvailable for: iOS 4.3 through 5.0 for iPad 2 This issue may lead to a bypass of codesigning checks. This issue does not affect devices running iOS prior to version 4.3.ĬVE-2011-3442 : Charlie Miller of Accuvant Labsĭescription: An issue existed in libinfo's handling of DNS name lookups. Impact: An application may execute unsigned codeĭescription: A logic error existed in the mmap system call's checking of valid flag combinations.
This issue is addressed by configuring default system trust settings so that DigiCert Malaysia's certificates are not trusted. We would like to acknowledge Bruce Morton of Entrust, Inc. An attacker with a privileged network position could intercept user credentials or other sensitive information intended for a site with a certificate issued by DigiCert Malaysia.
DigiCert Malaysia has issued certificates with weak keys that it is unable to revoke. Impact: An attacker with a privileged network position may intercept user credentials or other sensitive informationĭescription: Two certificate authorities in the list of trusted root certificates have independently issued intermediate certificates to DigiCert Malaysia. Impact: Viewing a document containing a maliciously crafted font may lead to arbitrary code executionĭescription: Multiple memory corruption issues existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. When accessing a maliciously crafted HTTP or HTTPS URL, CFNetwork could navigate to an incorrect server.ĬVE-2011-3246 : Erling Ellingsen of Facebook Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive informationĭescription: An issue existed in CFNetwork's handling of maliciously crafted URLs.
Available for: iOS 3.0 through 5.0 for iPhone 3GS, iPhone 4 and iPhone 4S, iOS 3.1 through 5.0 for iPod touch (3rd generation) and later, iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2
0 kommentar(er)
