Apple opublikowało szczegóły uaktualnienia dla iOS 5.1.1 w zakresie bezpieczeństwa
Apple opublikowało szczegóły zmian w zakresie bezpieczeństwa w najnowszym iOS 5.1.1. Oto i one:
Safari
Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A maliciously crafted website may be able to spoof the address in the location bar
Description: A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. This issue is addressed through improved URL handling. This issue does not affect OS X systems.
CVE-ID
CVE-2012-0674 : David Vieira-Kurz of MajorSecurity (majorsecurity.net)
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack
Description: Multiple cross-site scripting issues existed in WebKit.
CVE-ID
CVE-2011-3046 : Sergey Glazunov working with Google’s Pwnium contest
CVE-2011-3056 : Sergey Glazunov
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in WebKit.
CVE-ID
CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome Security Team
Źródło: Apple
Wojtek Pietrusiewicz
Wydawca, fotograf, podróżnik, podcaster – niekoniecznie w tej kolejności. Lubię espresso, mechaniczne zegarki, mechaniczne klawiatury i zwinne samochody.