what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 26287

Secunia Security Advisory 26287
Posted Aug 8, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Apple iPhone, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, and potentially to compromise a vulnerable system.

tags | advisory, spoof, vulnerability, xss
systems | apple, iphone
SHA-256 | 710d83bc9db47563329e60c80724526c145f7113b5786ad298f947a9bba8f679

Secunia Security Advisory 26287

Change Mirror Download


----------------------------------------------------------------------

BETA test the new Secunia Personal Software Inspector!

The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.

Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/

----------------------------------------------------------------------

TITLE:
Apple iPhone Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA26287

VERIFY ADVISORY:
http://secunia.com/advisories/26287/

CRITICAL:
Highly critical

IMPACT:
Cross Site Scripting, Spoofing, DoS, System access

WHERE:
>From remote

OPERATING SYSTEM:
Apple iPhone 1.x
http://secunia.com/product/15128/

DESCRIPTION:
Some vulnerabilities have been reported in Apple iPhone, which can be
exploited by malicious people to conduct cross-site scripting and
spoofing attacks, and potentially to compromise a vulnerable system.

1) A race condition error when updating a page in combination with
HTTP redirection may allow Javascript code from one page to modify a
redirected page.

2) A boundary error in the Perl Compatible Regular Expressions (PCRE)
library used by the Javascript engine in Safari can be exploited to
cause a heap-based buffer overflow when a user visits a malicious web
page.

Successful exploitation may allow execution of arbitrary code.

3) An HTTP injection issue in XMLHttpRequest can be exploited to
inject arbitrary HTTP requests.

For more information see vulnerability #2 in:
SA25786

4) An error in WebKit within in the handling of International Domain
Name (IDN) support and Unicode fonts embedded in Safari can be
exploited to spoof a URL by registering domain names with certain
international characters that resembles other commonly used
characters.

5) An invalid type conversion when rendering frame sets may allow
execution of arbitrary code.

For more information see vulnerability #1 in:
SA25786

SOLUTION:
Update to version 1.0.1 (downloadable and installable via iTunes).

PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits Lawrence Lai, Stan Switzer, and Ed Rowe of
Adobe Systems, Inc.
2) The vendor credits Charlie Miller and Jake Honoroff of Independent
Security Evaluators.
3) The vendor credits Richard Moore, Westpoint Ltd.
5) The vendor credits Rhys Kidd, Westnet.

ORIGINAL ADVISORY:
http://docs.info.apple.com/article.html?artnum=306173

OTHER REFERENCES:
SA25786:
http://secunia.com/advisories/25786/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close