Apple has shipped a patch to cover five documented vulnerabilities that expose iPhone and iPod Touch users to malicious hacker attacks.
The most serious flaw could allow remote code execution if an iPhone/iPod Touch user opens audio and image files.
Here’s the skinny on the vulnerabilities being patched with this iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod Touch update:
- CoreAudio (CVE-2010-0036) — A buffer overflow exists in the handling of mp4 audio files. Playing a maliciously crafted mp4 audio file may lead to an unexpected application termination or arbitrary code execution.
-
ImageIO (CVE-2009-2285) – A buffer underflow exists in ImageIO’s handling of TIFF
images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. -
Recovery Mode (CVE-2010-0038) — A memory corruption issue exists in the handling of a
certain USB control message. A person with physical access to the device could use this to bypass the passcode and access the user’s data. - WebKit (CVE-2009-3384) — Multiple input validation issues exist in WebKit’s handling of FTP directory listings. Accessing a maliciously crafted FTP server may lead to information disclosure, unexpected application termination, or execution of arbitrary code.
- WebKit (CVE-2009-2841) — When WebKit encounters an HTML 5 Media Element pointingto an external resource, it does not issue a resource load callback to determine if the resource should be loaded. This may result in undesired requests to remote servers. As an example, the sender of an HTML-formatted email message could use this to determine that the message was read.
This iPhone/iPod Touch update is only available through iTunes and will not appear in the software update utility available in Mac and Windows systems.
.
