Apple opublikowało szczegóły uaktualnienia dla iOS 5.1.1 w zakresie bezpieczeństwa

08/05/2012, 11:08 · · · 0

Apple opublikowało szczegóły zmian w zakresie bezpieczeństwa w najnowszym iOS 5.1.1. Oto i one:

Safari

Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2

Impact: A maliciously crafted website may be able to spoof the address in the location bar

Description: A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. This issue is addressed through improved URL handling. This issue does not affect OS X systems.

CVE-ID

CVE-2012-0674 : David Vieira-Kurz of MajorSecurity (majorsecurity.net)

WebKit

Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2

Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack

Description: Multiple cross-site scripting issues existed in WebKit.

CVE-ID

CVE-2011-3046 : Sergey Glazunov working with Google’s Pwnium contest

CVE-2011-3056 : Sergey Glazunov

WebKit

Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2

Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

Description: A memory corruption issue existed in WebKit.

CVE-ID

CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome Security Team

Źródło: Apple



0

Wojtek Pietrusiewicz

Wydawca, fotograf, podróżnik, podcaster – niekoniecznie w tej kolejności. Lubię espresso, mechaniczne zegarki, mechaniczne klawiatury i zwinne samochody.