Apple사에서 제공하는 iPod touch, iPhone, iPad 제품군에서 사용하는 모바일 운영체제가 성능 개선 및 보안 문제 취약점과 관련된 문제를 해결한 Apple iOS 4.3 버전이 공개되었습니다.
이번 업데이트에서는 악의적으로 조작된 FreeType 폰트를 실행할 경우 다중 취약점을 이용한 원격 코드 실행, 악의적으로 조작된 TIFF 이미지를 볼 경우 원격 코드 실행, Safari에서 제공하는 쿠키(Cookie) 파일 삭제 기능이 정상적으로 동작하지 않는 문제, WebKit에 존재하는 다중 메모리 변조 취약점을 이용하여 악의적으로 조작된 인터넷 사이트 방문시 원격 코드 실행 등 총 60건의 보안 취약점 문제를 해결하였으므로 참고하시기 바랍니다.
1. CoreGraphics (1)
(1) CVE-2010-3855 : Multiple vulnerabilities in FreeType
- Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font.
2. ImageIO (2)
(1) CVE-2011-0191 : Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution
- A buffer overflow existed in libTIFF's handling of JPEG encoded TIFF images.
(2) CVE-2011-0192 : Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution
- A buffer overflow existed in libTIFF's handling of CCITT Group 4 encoded TIFF images.
3. libxml (1)
(1) CVE-2010-4494 : Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
- A double free issue existed in libxml's handling of XPath expressions.
4. Networking (1)
A server may be able to identify a device across connections : The IPv6 address chosen by the device contains the device's MAC address when using stateless address autoconfiguration (SLAAC). An IPv6 enabled server contacted by the device can use the address to track the device across connections. This update implements the IPv6 extension described in RFC 3041 by adding a temporary random address used for outgoing connections.
5. Safari (2)
(1) CVE-2011-0158 : Visiting a maliciously crafted website may cause MobileSafari to exit on launch
(2) CVE-2011-0159 : Clearing cookies in Safari Settings may have no effect
- In some circumstances, clearing cookies via Safari Settings while Safari is running has no effect. This issue is addressed through improved handling of cookies. This issue does not affect systems prior to iOS 4.0.
6. WebKit (52)
(1) CVE-2010-1792 / CVE-2010-1824 / CVE-2011-0111 / CVE-2011-0112 / CVE-2011-0113 / CVE-2011-0114 / CVE-2011-0115 / CVE-2011-0116 / CVE-2011-0117 / CVE-2011-0118 / CVE-2011-0119 / CVE-2011-0120 / CVE-2011-0121 / CVE-2011-0122 / CVE-2011-0123 / CVE-2011-0124 / CVE-2011-0125 / CVE-2011-0126 / CVE-2011-0127 / CVE-2011-0128 / CVE-2011-0129 / CVE-2011-0130 / CVE-2011-0131 / CVE-2011-0132 / CVE-2011-0133 / CVE-2011-0134 / CVE-2011-0135 / CVE-2011-0136 / CVE-2011-0137 / CVE-2011-0138 / CVE-2011-0140 / CVE-2011-0141 / CVE-2011-0142 / CVE-2011-0143 / CVE-2011-0144 / CVE-2011-0145 / CVE-2011-0146 / CVE-2011-0147 / CVE-2011-0148 / CVE-2011-0149 / CVE-2011-0150 / CVE-2011-0151 / CVE-2011-0152 / CVE-2011-0153 / CVE-2011-0154 / CVE-2011-0155 / CVE-2011-0156 / CVE-2011-0157 / CVE-2011-0168 : Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
- Multiple memory corruption issues exist in WebKit.
(2) CVE-2011-0160 : HTTP Basic Authentication credentials may be inadvertently disclosed to another site
- If a site uses HTTP Basic Authentication and redirects to another site, the authentication credentials may be sent to the other site. This issue is addressed through improved handling of credentials.
(3) CVE-2011-0161 : Visiting a maliciously crafted website may lead to cross-site style declarations
- A cross-origin issue existed in WebKit's handling of the Attr.style accessor. Visiting a maliciously crafted website may allow the site to inject CSS into other documents. This issue is addressed by removing the Attr.style accessor.
(4) CVE-2011-0163 : A maliciously crafted website may be able to prevent other sites from requesting certain resources
- A cache poisoning issue existed in WebKit's handling of cached resources. A maliciously crafted website may be able to prevent other sites from requesting certain resources. This issue is addressed through improved type checking.
7. Wi-Fi (1)
(1) CVE-2011-0162 : When connected to Wi-Fi, an attacker on the same network may be able to cause a device reset
- A bounds checking issue existed in the handling of Wi-Fi frames.
해당 iPod touch, iPhone, iPad 제품군을 사용하시는 분들은 반드시 최신 버전의 OS로 업데이트를 하시고 이용하시기 바랍니다.