Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3442

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2011-3442
Last Modified 14 Feb 2012 11:10:18
Published 11 Nov 2011 01:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-3442

Summary

The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app.

Vulnerable Systems

Operating System

  • Apple Iphone Os 4.3.0

  • Apple Iphone Os 4.3.1

  • Apple Iphone Os 4.3.2

  • Apple Iphone Os 4.3.3

  • Apple Iphone Os 4.3.4

  • Apple Iphone Os 4.3.5

  • Apple Iphone Os 5.0


References

CONFIRM - http://support.apple.com/kb/HT5052

APPLE - APPLE-SA-2011-11-10-1

SECTRACK - 1026287


Last Updated: 27 May 2016 10:58:15