iPod touch
4. *Vulnerable packages*
. iPhone v1.1.4 and v2.0
. iPod touch v1.1.4 and v2.0
5. *Non-vulnerable packages*
. iPhone v2.1
attackers to spoof arbitrary SSL servers via a crafted certificate
issued by a legitimate Certification Authority, a related issue to
CVE-2009-2408 (CVE-2009-2702).
The JavaScript garbage collector in WebKit in Apple Safari before
4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1
through 2.2.1 does not properly handle allocation failures, which
allows remote attackers to execute arbitrary code or cause a denial
of service (memory corruption and application crash) via a crafted
HTML document that triggers write access to an offset of a NULL
pointer. (CVE-2009-1687).
crash) or possibly have unspecified other impact via a large precision
value in the format argument to a printf function, related to an
array overrun. (CVE-2009-0689)
The JavaScript garbage collector in WebKit in Apple Safari before
4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1
through 2.2.1 does not properly handle allocation failures, which
allows remote attackers to execute arbitrary code or cause a denial
of service (memory corruption and application crash) via a crafted
HTML document that triggers write access to an offset of a NULL
pointer. (CVE-2009-1687)
Nov 11, 2010
I. BACKGROUND
The OfficeImport framework is an API used by Apple's mobile devices,
including the iPod Touch, iPhone, and iPad. The framework is used to
parse and display Microsoft Office file formats, such as Excel, Word,
and PowerPoint. The OfficeImport framework is used by several
applications, including MobileMail and MobileSafari. Both of these
applications are attack vectors for this vulnerability. For more
information, see the vendor's site found at the following link.
Mar 21, 2011
I. BACKGROUND
The OfficeImport framework is an API used by Apple's mobile devices,
including the iPod Touch, iPhone, and iPad. The framework is used to
parse and display Microsoft Office file formats, such as Excel, Word,
and PowerPoint. The OfficeImport framework is used by several
applications, including MobileMail and MobileSafari. Both of these
applications are attack vectors for this vulnerability. For more
information, see the vendor's site found at the following link.
Fell quite behind on this one, here it is.
___________________________________________________________________
Phone &iPod Touch - Remote arbritary code execution
___________________________________________________________________
Reference : [GSEC-TZO-45-2009] - iPhone remote arbritary code execution
WWW : http://www.g-sec.lu/iphone-remote-code-exec.html
the context of the application.
-- Vendor Response:
Apple states:
this issue was fixed in Safari 4.0.5, and iOS 4 for iPhone and iPod
touch iOS 3.2
iOS 4: http://support.apple.com/kb/HT4225
Safari 4.0.5: http://support.apple.com/kb/HT4070
-- Disclosure Timeline:
2010-02-18 - Vulnerability reported to vendor
III. AFFECTED PRODUCTS
---------------------------
Apple Safari version 5.0.4 and prior for Windows and Mac OS X
Apple iOS versions 3.0 through 4.3.1 for iPhone 3GS and later
Apple iOS versions 3.1 through 4.3.1 for iPod touch (3rd generation) and
later
Apple iOS versions 3.2 through 4.3.1 for iPad
Apple iOS versions 4.2.5 through 4.2.6 for iPhone 4 (CDMA)
Vendor: Apple (http://www.apple.com)
Product: iOS
Version affected: Versions Prior to 5.0b4, 4.3.5, and 4.2.10
Product description:
iOS is Apple's mobile operating system for the iPhone, iPod Touch, and iPad
hardware platforms.
Credit: Paul Kehrer of Trustwave
Finding: iOS SSL Implementation Does Not Validate Certificate Chain
Oct 12, 2011
I. BACKGROUND
The OfficeImport framework is an API used by Apple's mobile devices,
including the iPod Touch, iPhone, and iPad. The framework is used to
parse and display Microsoft Office file formats, such as Excel, Word,
and PowerPoint. The OfficeImport framework is used by several
applications, including MobileMail and MobileSafari. Both of these
applications are attack vectors for this vulnerability. For more
information, see the vendor's site found at the following link.
Hello,
Next Friday I will be running a web-based challenges contest. Winner will
be awarded with the new iPod touch from Apple. Thanks to Hispasec Sistemas
(you probably know them as the makers of VirusTotal service) from
sponsoring the prize.
Full info (registration currently open):
http://www.rs-labs.com/rooted2010-ctf/
Overview:
Quoting http://www.apple.com/safari/:
"What is Safari ?
It's a browser. It's a platform. It's an open invitation to innovate.
Whether on a Mac, PC, iPhone, or iPod touch, Safari continuously
redefines the browser, providing the most enjoyable way to experience
the Internet."
Overview:
Quoting http://www.apple.com/safari/:
"What is Safari ?
It's a browser. It's a platform. It's an open invitation to innovate.
Whether on a Mac, PC, iPhone, or iPod touch, Safari continuously
redefines the browser, providing the most enjoyable way to experience
the Internet."
found them internally or somebody else reported the same
bugs that I'm reporting, you (Apple) have to credit me
for my findings for the simple reason that I'm reporting
them to you instead of releasing them to the public
while the bugs are not fixed. That said, I've checked
all the credits given in "iPhone 2.0 and iPod touch 2.0"
(http://support.apple.com/kb/HT2351) and the ones given
in "QuickTime 7.5" (http://support.apple.com/kb/HT1991),
and I haven't been credited in any of them. This is a
clear violation of our RFP. If by Monday, July 14th 2008
the proper credits are not given to me, I'll release all
types and authentication methods, including credential-based (PEAP and
TTLS) and certificate-based (TLS).ˇ For certificate-based
environments, XpressConnect?s integration technology seamlessly
connects to existing Microsoft CA servers to extend automated
certificate issuance to non-domain devices, including iOS (iPhone,
iPad, iPod Touch), Android, Windows, Mac OS X, and Linux.
The Open1X Group
The Open1X Group is a strategic research and development group
established in 2001 to support the creation and adoption of secure
authentication systems over traditionally insecure network connection.
This affects at least two widely used products: Pidgin <= 2.5.8 [1] and
Adium <= 1.3.5 [2].
According to their website [3], Libpurple is also used by:
. Apollo IM - IM application for the iPhone and iPod Touch.
. EQO - an IM program for mobile phones.
. Finch - a text-based IM program that works well in Linux and other
Unixes.
. Instantbird - a graphical IM program based on Mozilla's XUL framework.
. Meebo - a web-based IM program.
Roman Medina-Heigl Hernandez escribi:
> Hello,
>
> Next Friday I will be running a web-based challenges contest. Winner will
> be awarded with the new iPod touch from Apple. Thanks to Hispasec Sistemas
> (you probably know them as the makers of VirusTotal service) from
> sponsoring the prize.
>
> Full info (registration currently open):
> http://www.rs-labs.com/rooted2010-ctf/
|
