Apple iPhone iOS "OfficeArtMetafileHeader" Parsing Vulnerability

Last Update Date: 25 Mar 2011 10:04 Release Date: 25 Mar 2011 5570 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

A vulnerability has been reported in Apple iPhone iOS, which can be exploited by malicious people to compromise a vulnerable device.  A boundary error exists in QuickLook when parsing an OfficeArtMetafileHeader record in certain Microsoft Office files. This can be exploited to cause a buffer overflow and execute arbitrary code when e.g. a specially crafted document is opened via Safari.

 

The vulnerability is reported in iOS 4.3 running on iPhone 4. Other versions may also be affected.

 

Currently, there is no patch available for this vulnerability.

Impact

  • Remote Code Execution

System / Technologies affected

  • Apple iPhone OS (iOS) 4.x

Solutions

  • Currently, there is no patch available
  • Workaround:
    • Do not browse untrusted websites.

 

Vulnerability Identifier

Source

Related Link

Share with

Previous

Adobe Flash Player Vulnerability

15 Mar 2011 5615 Views

Next

VLC Media Player AMV and NSV Data Processing Vulnerability

25 Mar 2011 5580 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY