libnetcore in Apple iOS prior to 8.3, Apple OS X prior to 10.10.3, and Apple TV prior to 7.2 allows malicious users to cause a denial of service (memory corruption and application crash) via a crafted configuration profile.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple tvos |
||
apple mac os x |
||
apple iphone os |
'Phantom' hack sends your iThings into a tailspin of torpor
A vulnerability fixed in this week's Apple patch run can easily brick iPhones, researchers say. The flaw (CVE-2015-1118) dubbed "Phantom" allows attackers who can trick users into changing their iDevice proxy settings to tap into multiple use-after-free vulnerabilities. Doing so causes constant ubiquitous app crashing including the system platform. Rebooting sends affected devices into a "coma" state. FireEye bods Zhaofeng Chen; Hui Xue; Tao Wei, and Yulong Zhang, say attackers could set up larg...