CVE-2011-3442

high

Description

The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app.

References

http://www.securitytracker.com/id?1026287

http://support.apple.com/kb/HT5052

http://lists.apple.com/archives/Security-announce/2011/Nov/msg00001.html

Details

Source: Mitre, NVD

Published: 2011-11-11

Updated: 2012-02-15

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Severity: High