Apple Security Advisory 2020-11-13-3 - Updates for iOS 14.0 and iPadOS 14.0 address buffer overflow, code execution, cross site scripting, denial of service, information leakage, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.
f15d74568f4f6adf383e272deddb869bApple Security Advisory 2020-11-05-2 - iOS 12.4.9 is now available and addresses a code execution vulnerability.
e403bd4c30b82e389c6c41871b8a9527Apple Security Advisory 2020-11-05-1 - iOS 14.2 and iPadOS 14.2 are now available and addresses code execution, integer overflow, out of bounds read, out of bounds write, path sanitization, and use-after-free vulnerabilities.
e316caeb924e1e7eb685c0783a056ddbIt appears that the corona virus Exposure Notifications API for iOS and Android may have a data leakage issue.
f3e9ce294b54d711be777bb3c9716ce7Whitepaper called iOS Swift Anti-Jailbreak Bypass with Frida.
3faa4e36a848fdfbb9d0d8405de46e69Apple Security Advisory 2020-09-16-1 - iOS 14.0 and iPadOS 14.0 are now available and address code execution, cross site scripting, out of bounds read, and out of bounds write vulnerabilities.
bf2d39afbca775367e4876e819239e81This Metasploit module exploits a JIT optimization bug in Safari Webkit. This allows us to write shellcode to an RWX memory section in JavaScriptCore and execute it. The shellcode contains a kernel exploit (CVE-2016-4669) that obtains kernel rw, obtains root and disables code signing. Finally we download and execute the meterpreter payload. This module has been tested against iOS 7.1.2 on an iPhone 4.
193bef4f6ec1463a50a80fcde4b59fa1A PAC and JIT hardening bypass exists in WebKit on iOS.
a3ac179138a9ac48c78209344b6266c3Mocha Telnet Lite for iOS version 4.2 denial of service proof of concept exploit.
07006fb34c3849a7f8b2583b33f722deRTSP for iOS version 1.0 denial of service proof of concept exploit.
9deb3c878023b0b278fe006ec1c53422iOS suffers from a Page Protection Layer (PPL) bypass due to incorrect argument verification in pmap_protect_options_internal() and pmap_remove_options_internal().
880d5a7841d44d213ff1f1ca340b8776Apple Security Advisory 2020-07-15-1 - iOS 13.6 and iPadOS 13.6 are now available and address buffer overflow, bypass, code execution, cross site scripting, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
930c08146b91758658c332bba05db932VIPRE Password Vault iOS application versions 1.100.1090 and below suffer from a man-in-the-middle vulnerability due to a lack of validation of SSL certificates.
82d37852c91e2ee7b39bd7164fcdcea8Apple iOS version 13.5.1 suffers from an issue where it is possible to circumvent the copy and paste restriction from the company profile to the private profile. Thus, it is possible to extract attachments that can be previewed ("Quick Look") in the native Mail client to any private app.
25b8c8457ca8a60d7a3cd815cbaafb53iOS and macOS suffered from a wifi proximity kernel double-free vulnerability in AWDL BSS Steering.
cdd1c47241bd866a69b6c59cc0b23828Apple Security Advisory 2020-06-01-1 - iOS 13.5.1 and iPadOS 13.5.1 are now available and address a code execution vulnerability.
345ba38728f3e0788398c087f24abe34Apple Security Advisory 2020-05-26-1 - iOS 13.5 and iPadOS 13.5 address bypass, code execution, cross site scripting, denial of service, double free, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
3bf84c95f1052ea67704c2a2f7179ba0Apple Security Advisory 2020-05-26-2 - iOS 12.4.7 addresses an out of bounds write vulnerability.
f5e16f5f58e9c69a6bb267396dc8a689Qik Chat version 3.0 for iOS suffers from a command injection vulnerability.
91dac40216ea76f090e89ec3087e917dFile Explorer for iOS version 1.4 suffers from an access bypass vulnerability.
8910745a66b81d5ec6532517286efb89HardDrive version 2.1 for iOS suffers from an arbitrary file upload vulnerability.
695c62431428b0200073ffddb04b953aFile Explorer version 1.4 for iOS suffers from an information disclosure vulnerability.
83b0a4ee978a1cc4ed42917bc32a23a3Transfer Master version 3.3 for iOS suffers from a denial of service vulnerability.
bfb16346108d81a312ef921e89f0b550File Sharing and Chat version 1.0 for iOS suffers from a denial of service vulnerability.
807f8e46aa296b66e21c773f1e5ca723Easy Transfer version 1.7 for iOS suffers from cross site scripting and directory traversal vulnerabilities.
5ee16ac4e4da26fc9a551ef21e0bc001
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed