All Hot News World. Public world blog, journal online reviewed.

iPhone Operating System, PacketStorm Security

RSS feed: iPhone Operating System, PacketStorm Security
Wed, 07 Aug 2019 23:44:28 GMT
Operating System: iPhone ≈ Packet Storm
Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers [ + ]
Thu, 04 Jul 2019 14:34:02 GMT
iOS Messaging Tools
This repository contains several tools Project Zero uses to test iPhone messaging. It includes SmsSimulator: an SMS simulator for iPhone, iMessage: tools for sending and dumping iMessage messages, and imapiness: a fuzzer for IMAP clients. See the directory for each tool for further instructions and contact information. This is not an officially supported Google product. These tools were released and presented at BlackHat USA 2019. [ + ]
Tue, 21 May 2019 23:44:33 GMT
iPhone iMessage Malformed Message Bricking
An issue exists where a malformed iMessage can brick an iPhone. A method in IMCore can throw an NSException due to a malformed message containing a property with key IMExtensionPayloadLocalizedDescriptionTextKey with a value that is not a NSString. [ + ]
Mon, 03 Sep 2018 04:44:44 GMT
Visual Voicemail For iPhone IMAP NAMESPACE Use-After-Free
Visual Voicemail for iPhone suffers from a use-after-free vulnerability in IMAP NAMESPACE processing. [ + ]
Thu, 09 Apr 2015 03:33:33 GMT
Symantec Mobile Encryption For iPhone 2.1.0 Denial Of Service
Symantec Mobile Encryption for iPhone version 2.1.0 suffers from a denial of service vulnerability. [ + ]
Mon, 25 Aug 2014 09:33:33 GMT
WordPress Windows Desktop And iPhone Photo Uploader File Upload
WordPress Windows Desktop and iPhone Photo Uploader plugin suffers from a remote shell upload vulnerability. [ + ]
Wed, 04 Sep 2013 03:55:53 GMT
Air Transfer Iphone 1.3.9 Arbitrary File Download
Air Transfer Iphone version 1.3.9 suffers from remote denial of service and unauthenticated file access vulnerabilities. [ + ]
Wed, 04 Sep 2013 03:37:10 GMT
Packet Storm Advisory 2013-0903-1 - Apple Safari Heap Buffer Overflow
A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. This method accepts the user-defined JavaScript function and calls it from the native code to compare array items. If this compare function reduces array length, then the trailing array items will be written outside the "m_storage->m_vector[]" buffer, which leads to the heap memory corruption. This finding was purchased through the Packet Storm Bug Bounty program. [ + ]
Wed, 13 Feb 2013 03:00:01 GMT
Packet Storm Exploit 2013-0903-1 - Apple Safari Heap Buffer Overflow
A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. The exploit for this vulnerability is javascript code which shows how to use it for memory corruption of internal JS objects (Unit32Array and etc.) and subsequent arbitrary code execution (custom ARM/x64 payloads can be pasted into the JS code). This exploit affects Apple Safari version 6.0.1 for iOS 6.0 and OS X 10.7/8. Earlier versions may also be affected. It was obtained through the Packet Storm Bug Bounty program. [ + ]
Fri, 08 Feb 2013 03:40:19 GMT
Transferable Remote 1.1 XSS / LFI / Command Injection
Transferable Remote version 1.1 for iPad and iPhone suffers from cross site scripting, remote command injection, and local file inclusion vulnerabilities. [ + ]
Thu, 22 Nov 2012 18:22:22 GMT
Air Disk Wireless 1.9 LFI / Command Injection
Air Disk Wireless version 1.9 for iPad and iPhone suffers from local file inclusion and command injection vulnerabilities. [ + ]
Thu, 12 Jul 2012 11:11:11 GMT
Twitter 5.0 Eavesdropping Proof Of Concept
The Twitter 5.0 application for iPhone grabs images over HTTP and due to this, allows for a man in the middle attack / image swap. Proof of concept included. [ + ]
Sun, 06 May 2012 01:48:08 GMT
Forensic Analysis Of iPhone Backups
This article explains the technical procedure and challenges involved in extracting data and artifacts from iPhone backups. [ + ]
Mon, 23 Apr 2012 18:55:33 GMT
iOS Application (In)Security
This whitepaper details some of the vulnerabilities observed over the past year while performing regular security assessments of iPhone and iPad applications. MDSec documents some of the vulnerabilities identified as well as the methods to exploit them, and recommendations that developers can adopt to protect their iOS applications. It covers not only the security features of the platform, but provides in depth information on how to perform both black box and white box iOS penetration tests, along with suggested methodologies and compliance. [ + ]
Sat, 21 Jan 2012 05:18:29 GMT
IPhone TreasonSMS HTML Injection / File Inclusion
IPhone TreasonSMS suffers from html injection and file inclusion vulnerabilities. [ + ]
Fri, 20 Jan 2012 13:22:22 GMT
Vopium Clear Text Disclosure
Vopium for Android and iPhone leaks various data such as your password by passing it in the clear. [ + ]
Wed, 07 Dec 2011 16:09:44 GMT
iPhone Forensics On iOS 5
This is a brief whitepaper discussing how to perform forensics on iOS 5 on the iPhone. [ + ]
Tue, 09 Aug 2011 16:54:28 GMT
Hacking iOS Devices
Whitepaper called Hacking Dispositivos iOS. It demonstrates how dangerous it is to be connected to a wireless network with an iOS device that has OpenSSH enabled. Written in Spanish. [ + ]
Sun, 17 Apr 2011 06:25:13 GMT
iPhone/iPad Phone Drive 1.1.1 Directory Traversal
iPhone/iPad Phone Drive version 1.1.1 suffers from a directory traversal vulnerability. [ + ]
Thu, 24 Mar 2011 08:52:53 GMT
Secunia Security Advisory 44154
Secunia Security Advisory - Some vulnerabilities has been reported in Apple iOS for iPhone 4 (CDMA), which can be exploited by malicious people to compromise a vulnerable device. [ + ]
Tue, 22 Mar 2011 20:31:31 GMT
Secunia Security Advisory 43832
Secunia Security Advisory - A vulnerability has been reported in Apple iPhone iOS, which can be exploited by malicious people to compromise a vulnerable device. [ + ]
Tue, 15 Mar 2011 01:28:26 GMT
Zero Day Initiative Advisory 11-109
Zero Day Initiative Advisory 11-109 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on the iPhone. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the support for parsing Office files. When handling the OfficeArtMetafileHeader the process trusts the cbSize field and performs arithmetic on it before making an allocation. As the result is not checked for overflow, the subsequent allocation can be undersized. Later when copying into this buffer, memory can be corrupted leading to arbitrary code execution under the context of the mobile user on the iPhone. [ + ]
Thu, 10 Mar 2011 22:42:22 GMT
Checkview 1.1 For iPhone / iPod Touch Directory Traversal
Checkview version 1.1 for iPhone / iPod Touch suffers from a directory traversal vulnerability. [ + ]
Mon, 07 Mar 2011 15:58:33 GMT
Air Contacts Lite Denial Of Service
The Air Contacts Lite iPhone / iPod application suffers from a denial of service vulnerability. [ + ]
Sat, 05 Mar 2011 01:11:28 GMT
Apple iPhone 4 Passphrase Disclosure
Apple iPhone 4 with iOS 4.3 (8F190) suffers from a passphrase disclosure vulnerability that allows all local processes access to it. [ + ]

iFileExplorer Free Directory Traversal
iFileExplorer Free for iPod Touch / iPhone version 2.8 suffers from a remote directory traversal vulnerability. [ + ]
PacketStorm Security

2013 Copyright © Mobile version 2015 | PeterLife & company World news today. Popular science publications online. The best manufacturers in the world. Products for industrial purposes. News of science and technology. Encyclopedic articles. Photos and videos. Science History. Promotion of manufacturers sites. Industrial goods. Display of goods stores online. | Terms of use Link at is mandatory if site materials are using fully or particulary. | Skimlinks helps publishers monetize editorial content through automated affiliate links for products. News: Affiliate programm. | Script Nevius. | Site Public Relations 1PS. | Hosting: Valuehost.