Kernel Address Disclosure Vulnerability in Apple iOS Extensions APIs

Kernel Address Disclosure Vulnerability in Apple iOS Extensions APIs

CVE-2012-3749 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The extensions APIs in the kernel in Apple iOS before 6.0.1 provide kernel addresses in responses that contain an OSBundleMachOHeaders key, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted app.

Learn more about our Cis Benchmark Audit For Apple Ios.