Detections
Analytics

Apple iOS < 4.2 Multiple Vulnerabilities

critical Nessus Network Monitor Plugin ID 5715

Synopsis

The remote host is missing a critical Apple iOS patch update.

Description

The remote mobile host is a using a version of Apple iOS earlier than 4.2. Such versions are potentially affected by multiple vulnerabilities. Apple iOS 4.2 contains security fixes for the following components :

 - Configuration Policies

 - CoreGraphics

 - FreeType

 - iAd Content Display

 - ImageIO

 - libxml

 - Mail

 - Networking

 - OfficeImport

 - Photos

 - Safari

 - Telephony

 - WebKit

 - Multiple components

Solution

Upgrade to Apple iOS 4.2 or later.

See Also

http://support.apple.com/kb/HT4456

http://lists.apple.com/archives/security-announce/2010/Nov/msg00003.html

Plugin Details

Severity: Critical

ID: 5715

Published: 11/23/2010

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Critical

Score: 9.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Patch Publication Date: 11/22/2010

Vulnerability Publication Date: 11/22/2010

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2010-0042, CVE-2010-0051, CVE-2010-0544, CVE-2010-1205, CVE-2010-1384, CVE-2010-1387, CVE-2010-1392, CVE-2010-1394, CVE-2010-1403, CVE-2010-1405, CVE-2010-1407, CVE-2010-1408, CVE-2010-1410, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1421, CVE-2010-1422, CVE-2010-1707, CVE-2010-1757, CVE-2010-1758, CVE-2010-1764, CVE-2010-1770, CVE-2010-1771, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1791, CVE-2010-1793, CVE-2010-1806, CVE-2010-1807, CVE-2010-1811, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1843, CVE-2010-2249, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808, CVE-2010-3053, CVE-2010-3054, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3786, CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3814, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3827, CVE-2010-3828, CVE-2010-3829, CVE-2010-3830, CVE-2010-3831, CVE-2010-3832, CVE-2010-4008

BID: 44799, 41174, 42285, 44779, 42034, 42035, 42036, 42037, 42038, 42041, 42044, 42046, 42049, 43047, 43079, 43081, 43083, 44200, 44204, 44206, 44954, 44960, 42621, 42624, 38692, 40644, 40653, 40656, 40657, 40659, 40663, 40666, 40668, 40670, 40672, 40675, 40697, 40698, 40710, 40714, 40732, 40754, 41051, 41053, 43077, 38677, 42045, 42048, 40704, 40717, 41068, 43049, 44784, 44647, 44950, 44952, 44953, 44955, 44956, 44957, 44958, 44959, 44961, 44962, 44969, 44970, 44971, 39958, 43076, 43078, 45006, 45007, 45008, 45010, 45011, 45012