The extensions APIs in the kernel in Apple iOS before 6.0.1 provide kernel addresses in responses that contain an OSBundleMachOHeaders key, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted app.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2012-11-03 10:55
Updated : 2013-08-16 23:47
NVD link : CVE-2012-3749
Mitre link : CVE-2012-3749
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
apple
- iphone_os