JVNDB-2011-000105

[Japanese]
JVNDB-2011-000105
Safari for iOS vulnerable to denial-of-service
Overview
Safari for iOS contains a denial-of-service (DoS) vulnerability. Shuichiro Suzuki of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)
Base Metrics: 4.3 (Medium) [IPA Score] Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

Affected Products

Apple Inc. iOS (Safari contained in iOS versions prior to 5.0)

Impact
A remote attacker may be able to cause a denial-of-service (DoS).
Solution
[Update the software] Update to the latest version of iOS according to the information provided by the developer.
Vendor Information
Apple Inc. Apple security updates : About the security content of iOS 5 Software Update
CWE (What is CWE?)
No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

References
JVN : JVN#15549168
Revision History
[2011/12/15] Web page was published

Safari for iOS vulnerable to denial-of-service