Apple plugs remote-code execution flaws in iPhone

By

Exchange issues, exposed passwords and much more.

Apple has plugged several security holes in its iPhone and iPod Touch OS, one of which could allow criminals to take over a vulnerable device by injecting and executing malicious code on the device if the victim visits a malicious website.

Apple plugs remote-code execution flaws in iPhone

According to an Apple security advisory, the updated version of its mobile operating system (3.1 for iPhone and 3.1.1 for iPod Touch), fixes numerous holes that could open users to a variety of attacks, both remotely and by malicious users with physical access to a vulnerable device.

The most dangerous flaw (CVE-2009-1725) was present in all previous versions of the mobile OS and could "lead to an unexpected application termination or arbitrary code execution" if the user visits a maliciously crafted website. A similar flaw (CVE-2009-1724) could allow a cross-site scripting attack if the user visits a malicious website.

Phishing attacks could be enhanced by exploiting a vulnerability (CVE-2009-2199) that allows fraudsters to create copycat web sites in order to extract personal information from unsuspecting users.

According to the advisory, "The International Domain Name (IDN) support and Unicode fonts embedded in Safari could be used to create a URL which contains look-alike characters. These could be used in a malicious website to direct the user to a spoofed site that visually appears to be a legitimate domain."

A buffer overflow error (CVE-2009-2206) opens users to remote code execution when the device opens a specially crafted MP3 or AAC file.

Users who connect to a Microsoft Exchange server via their iPhone or iPod Touch are also affected by a flaw labelled CVE-2009-2794. Apple warns that if the device falls into the wrong hands, it would be possible to access an exchange server even if the timeout period set by the Exchange administrator has expired.

According to Apple, once the timeout period has expired, users are required to re-enter their password. However, exploitation of the flaw creates "a window of time for a person with physical access to use the device, including Exchange services."

Other vulnerabilities include one that exposes hidden passwords (CVE-2009-2796), and one that allows access an iPhone even if it is locked (CVE-2009-2795). A flaw in MobileMail means emails that were deleted could still appear in a Spotlight search(CVE-2009-2207). Apple also fixed an issue that revealed usernames and passwords in URLs (CVE-2009-2797).

Apple was unavailable for comment.

Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?