10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.832 High
EPSS
Percentile
98.5%
The mobile device is running a version of iOS that is older than version 6.0. Version 6.0 contains numerous security-related fixes for the following vulnerabilities :
Numerous memory errors exist related to handling ‘TIFF’, ‘PNG’ and ‘JPEG’ images and ‘ImageIO’ that could allow arbitrary code execution. (CVE-2011-1167, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2012-1173, CVE-2012-3726)
Several issues exist related to ‘CoreGraphics’ and ‘FreeType’ (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129, CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133, CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137, CVE-2012-1138, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141, CVE-2012-1142, CVE-2012-1143, CVE-2012-1144)
Numerous issues exist related to libxml and could lead to application crashes or arbitrary code execution.
(CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3919)
A stack-based buffer overflow exists related to ‘locale ID’ and ‘International Components for Unicode’ (ICU).
(CVE-2011-4599)
An unitialized memory access issue exists related to ‘Sorenson’ encoded movie files and ‘CoreMedia’.
(CVE-2012-3722)
An URL handling issue exists related to ‘CFNetwork’ that can disclose sensitive information. (CVE-2012-3724)
The ‘DNAv4’ protocol discloses sensitive information when connecting to unencrypted WiFi networks.
(CVE-2012-3725)
A buffer overflow error exists related to ‘IPSec’ and ‘racoon’ configuration files. (CVE-2012-3727)
An invalid pointer dereference error exists related to the kernel and packet filter ioctls. (CVE-2012-3728)
An uninitialized memory access error exists related to the kernel and the Berkeley Packet Filter interpreter.
(CVE-2012-3729)
Several issues exist related to ‘Mail’ and the handling of attachments and ‘S/MIME’ signed messages.
(CVE-2012-3730, CVE-2012-3731, CVE-2012-3732)
Information disclosure issues exist related to ‘Messages’, ‘Office Viewer’, system logs, and ‘UIKit’.
(CVE-2012-3733, CVE-2012-3734, CVE-2012-3743, CVE-2012-3746)
Memory corruption errors exist related to ‘OpenGL’.
(CVE-2011-3457)
Numerous errors exist related to ‘Passcode Lock’.
(CVE-2012-3735, CVE-2012-3736, CVE-2012-3737, CVE-2012-3738, CVE-2012-3739, CVE-2012-3740)
An error exists in ‘Restrictions’ that could allow unauthorized purchases. (CVE-2012-3741)
Errors exist in ‘Safari’ that are related to misleading URL characters and password auto complete.
(CVE-2012-3742, CVE-2012-0680)
A buffer overflow error exists related to ‘Telephony’ and SMS handling. (CVE-2012-3745)
Many errors exist related to the bundled ‘WebKit’ components. (CVE-2011-2845, CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3078, CVE-2011-3081, CVE-2011-3086, CVE-2011-3089, CVE-2011-3090, CVE-2011-3105, CVE-2011-3913, CVE-2011-3924, CVE-2011-3926, CVE-2011-3958, CVE-2011-3966, CVE-2011-3968, CVE-2011-3969, CVE-2011-3971, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-1521, CVE-2012-2815, CVE-2012-2818, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3598, CVE-2012-3599, CVE-2012-3600, CVE-2012-3601, CVE-2012-3602, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3612, CVE-2012-3613, CVE-2012-3614, CVE-2012-3615, CVE-2012-3617, CVE-2012-3618, CVE-2012-3620, CVE-2012-3624, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3647, CVE-2012-3648, CVE-2012-3650, CVE-2012-3651, CVE-2012-3652, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3658, CVE-2012-3659, CVE-2012-3660, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671, CVE-2012-3672, CVE-2012-3673, CVE-2012-3674, CVE-2012-3676, CVE-2012-3677, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3684, CVE-2012-3686, CVE-2012-3691, CVE-2012-3693, CVE-2012-3695, CVE-2012-3696, CVE-2012-3703, CVE-2012-3704, CVE-2012-3706, CVE-2012-3708, CVE-2012-3710, CVE-2012-3747)
Binary data apple_ios_60_check.nbin
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2845
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3016
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3021
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3027
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3032
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3034
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3035
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3036
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3037
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3038
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3039
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3040
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3041
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3042
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3043
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3044
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3050
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3053
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3059
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3060
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3064
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3067
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3068
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3069
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3071
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3073
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3074
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3075
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3076
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3078
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3081
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3086
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3089
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3090
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3328
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3457
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3913
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3924
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3926
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3958
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3966
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3968
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3969
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3971
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0680
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0682
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0683
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1128
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1140
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1144
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1520
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1521
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2815
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2818
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3589
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3590
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3591
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3592
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3593
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3594
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3595
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3596
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3597
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3598
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3599
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3600
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3601
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3602
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3603
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3604
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3605
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3608
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3609
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3610
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3611
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3612
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3613
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3614
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3615
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3617
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3618
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3620
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3624
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3625
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3626
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3627
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3628
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3629
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3630
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3631
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3633
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3634
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3635
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3636
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3637
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3638
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3639
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3640
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3641
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3642
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3644
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3645
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3646
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3647
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3648
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3650
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3651
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3652
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3653
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3655
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3656
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3658
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3659
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3660
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3661
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3663
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3664
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3665
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3666
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3667
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3668
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3669
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3670
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3671
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3672
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3673
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3674
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3676
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3677
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3678
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3679
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3680
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3681
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3682
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3683
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3684
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3686
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3691
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3693
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3695
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3696
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3703
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3704
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3706
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3708
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3710
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3722
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3724
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3725
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3726
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3727
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3728
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3729
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3730
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3731
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3732
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3733
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3734
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3735
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3736
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3737
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3738
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3739
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3740
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3741
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3742
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3743
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3744
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3745
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3746
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3747
lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
support.apple.com/en-us/HT202615