Monday 30 June 2014

About the security content of iOS 7.1.2



This document describes the security content of iOS 7.1.2.




For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.


For information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."


Where possible, CVE IDs are used to reference the vulnerabilities for further information.


To learn about other Security Updates, see "Apple Security Updates."


iOS 7.1.2




  • Certificate Trust Policy


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: Update to the certificate trust policy


    Description: The certificate trust policy was updated. The complete list of certificates may be viewed at http://ift.tt/19f1AAQ.






  • CoreGraphics


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: Viewing a maliciously crafted XBM file may lead to an unexpected application termination or arbitrary code execution


    Description: An unbounded stack allocation issue existed in the handling of XBM files. This issue was addressed through improved bounds checking.


    CVE-ID


    CVE-2014-1354 : Dima Kovalenko of codedigging.com






  • Kernel


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: An application could cause the device to unexpectedly restart


    Description: A null pointer dereference existed in the handling of IOKit API arguments. This issue was addressed through additional validation of IOKit API arguments.


    CVE-ID


    CVE-2014-1355 : cunzhang from Adlab of Venustech






  • launchd


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: A malicious application may be able to execute arbitrary code with system privileges


    Description: A heap buffer overflow existed in launchd's handling of IPC messages. This issue was addressed through improved bounds checking.


    CVE-ID


    CVE-2014-1356 : Ian Beer of Google Project Zero






  • launchd


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: A malicious application may be able to execute arbitrary code with system privileges


    Description: A heap buffer overflow existed in launchd's handling of log messages. This issue was addressed through improved bounds checking.


    CVE-ID


    CVE-2014-1357 : Ian Beer of Google Project Zero






  • launchd


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: A malicious application may be able to execute arbitrary code with system privileges


    Description: An integer overflow existed in launchd. This issue was addressed through improved bounds checking.


    CVE-ID


    CVE-2014-1358 : Ian Beer of Google Project Zero






  • launchd


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: A malicious application may be able to execute arbitrary code with system privileges


    Description: An integer underflow existed in launchd. This issue was addressed through improved bounds checking.


    CVE-ID


    CVE-2014-1359 : Ian Beer of Google Project Zero






  • Lockdown


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: An attacker possessing an iOS device could potentially bypass Activation Lock


    Description: Devices were performing incomplete checks during device activation, which made it possible for malicious individuals to partially bypass Activation Lock. This issue was addressed through additional client-side verification of data received from activation servers.


    CVE-ID


    CVE-2014-1360






  • Lock Screen


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: An attacker in possession of a device may exceed the maximum number of failed passcode attempts


    Description: In some circumstances, the failed passcode attempt limit was not enforced. This issue was addressed through additional enforcement of this limit.


    CVE-ID


    CVE-2014-1352 : mblsec






  • Lock Screen


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: A person with physical access to a locked device may be able to access the application that was in the foreground prior to locking


    Description: A state management issue existed in the handling of the telephony state while in Airplane Mode. This issue was addressed through improved state management while in Airplane Mode.


    CVE-ID


    CVE-2014-1353






  • Mail


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: Mail attachments can be extracted from an iPhone 4


    Description: Data protection was not enabled for mail attachments, allowing them to be read by an attacker with physical access to the device. This issue was addressed by changing the encryption class of mail attachments.


    CVE-ID


    CVE-2014-1348 : Andreas Kurtz of NESO Security Labs






  • Safari


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution


    Description: A use-after-free issue existed in Safari's handling of invalid URLs. This issue was addressed through improved memory handling.


    CVE-ID


    CVE-2014-1349 : Reno Robert and Dhanesh Kizhakkinan






  • Settings


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password


    Description: A state management issue existed in the handling of the Find My iPhone state. This issue was addressed through improved handling of Find My iPhone state.


    CVE-ID


    CVE-2014-1350






  • Secure Transport


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: Two bytes of uninitialized memory could be disclosed to a remote attacker


    Description: An uninitialized memory access issue existed in the handling of DTLS messages in a TLS connection. This issue was addressed by only accepting DTLS messages in a DTLS connection.


    CVE-ID


    CVE-2014-1361 : Thijs Alkemade of The Adium Project






  • Siri


    Available for: iPhone 4S and later, iPod touch (5th generation) and later, iPad (3rd generation) and later


    Impact: A person with physical access to the phone may be able to view all contacts


    Description: If a Siri request might refer to one of several contacts, Siri displays a list of possible choices and the option 'More...' for a complete contact list. When used at the lock screen, Siri did not require the passcode before viewing the complete contact list. This issue was addressed by requiring the passcode.


    CVE-ID


    CVE-2014-1351 : Sherif Hashim






  • WebKit


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution


    Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.


    CVE-ID


    CVE-2013-2875 : miaubiz


    CVE-2013-2927 : cloudfuzzer


    CVE-2014-1323 : banty


    CVE-2014-1325 : Apple


    CVE-2014-1326 : Apple


    CVE-2014-1327 : Google Chrome Security Team, Apple


    CVE-2014-1329 : Google Chrome Security Team


    CVE-2014-1330 : Google Chrome Security Team


    CVE-2014-1331 : cloudfuzzer


    CVE-2014-1333 : Google Chrome Security Team


    CVE-2014-1334 : Apple


    CVE-2014-1335 : Google Chrome Security Team


    CVE-2014-1336 : Apple


    CVE-2014-1337 : Apple


    CVE-2014-1338 : Google Chrome Security Team


    CVE-2014-1339 : Atte Kettunen of OUSPG


    CVE-2014-1341 : Google Chrome Security Team


    CVE-2014-1342 : Apple


    CVE-2014-1343 : Google Chrome Security Team


    CVE-2014-1362 : Apple, miaubiz


    CVE-2014-1363 : Apple


    CVE-2014-1364 : Apple


    CVE-2014-1365 : Apple, Google Chrome Security Team


    CVE-2014-1366 : Apple


    CVE-2014-1367 : Apple


    CVE-2014-1368 : Wushi of Keen Team (Research Team of Keen Cloud Tech)


    CVE-2014-1382 : Renata Hodovan of University of Szeged / Samsung Electronics


    CVE-2014-1731 : an anonymous member of the Blink development community






  • WebKit


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: A malicious site can send messages to a connected frame or window in a way that might circumvent the receiver's origin check


    Description: An encoding issue existed in the handling of Unicode characters in URLs. A maliciously crafted URL could have led to sending an incorrect postMessage origin. This issue was addressed through improved encoding/decoding.


    CVE-ID


    CVE-2014-1346 : Erling Ellingsen of Facebook






  • WebKit


    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later


    Impact: A maliciously crafted website may be able to spoof its domain name in the address bar


    Description: A spoofing issue existed in the handling of URLs. This issue was addressed through improved encoding of URLs.


    CVE-ID


    CVE-2014-1345 : Erling Ellingsen of Facebook





Important: Mention of third-party websites and products is for informational purposes only and constitutes neither an endorsement nor a recommendation. Apple assumes no responsibility with regard to the selection, performance or use of information or products found at third-party websites. Apple provides this only as a convenience to our users. Apple has not tested the information found on these sites and makes no representations regarding its accuracy or reliability. There are risks inherent in the use of any information or products found on the Internet, and Apple assumes no responsibility in this regard. Please understand that a third-party site is independent from Apple and that Apple has no control over the content on that website. Please contact the vendor for additional information.


Last Modified: Jun 30, 2014


