Apple iPhone Safari and MobileSafari buffer overflow
| iphone-safari-bo (35577) |
Description:
The Apple iPhone Safari and MobileSafari built-in Web browsers are vulnerable to a buffer overflow. By persuading a victim to visit a specially-crafted Web page, a remote attacker could overflow a buffer and execute arbitrary code on the affected device with administrator privileges.
Platforms Affected:
- Apple, iPhone
- Apple, Safari 3 Beta
Remedy:
Upgrade to the latest version of Apple Safari (3.0.3 beta or later), available from the Apple Safari Web site. See References.
For iPhone:
Refer to APPLE Article ID: 306173 for patch, upgrade, or suggested workaround information. See References.
For Mac OS:
Apply Apple Security Update 2007-007, available from the Apple Web site. See References.
For other distributions:
Contact your vendor for upgrade or patch information.
Consequences:
Gain Access
References:
- Apple Safari 3 Beta Update 3.0.3 , About the security content of Safari 3 Beta Update 3.0.3 at http://docs.info.apple.com/article.html?artnum=306174.
- Apple Safari Web site, Apple - Safari 3 Public Beta at http://www.apple.com/safari/.
- Apple Security Update 2007-007 , About Security Update 2007-007 at http://docs.info.apple.com/article.html?artnum=306172.
- Apple Web site, iPhone at http://www.apple.com/iphone/.
- Apple Web site, Apple security updates at http://docs.info.apple.com/article.html?artnum=61798.
- Independent Security Evaluators Web site , ISE discovers security vulnerabilities in the iPhone at http://www.securityevaluators.com/iphone/.
- iPhone v1.0.1 Update, About the security content of iPhone v1.0.1 Update at http://docs.info.apple.com/article.html?artnum=306173.
- BID-25002: Apple iPhone Mobile Safari Browser Remote Heap Overflow Vulnerability
- CVE-2007-3944: Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate CVE identifier.
- SA26287: Apple iPhone Multiple Vulnerabilities
- SECTRACK ID: 1018439: Safari and iPhone MobileSafari Buffer Overflow Lets Remote Users Execute Arbitrary Code
- VUPEN/ADV-2007-2730: Apple Safari Multiple Remote Code Execution and URL Spoofing Vulnerabilities
- VUPEN/ADV-2007-2731: Apple iPhone Multiple Remote Code Execution and Security Bypass Vulnerabilities
Reported:
Jul 23, 2007
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
