About the security content of iOS 7.1.2

This document describes the security content of iOS 7.1.2.

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

For information about the Apple Product Security PGP Key, see How to use the Apple Product Security PGP Key.

Where possible, CVE IDs are used to reference the vulnerabilities for further information.

To learn about other Security Updates, see Apple Security Updates.

iOS 7.1.2

  • Certificate Trust Policy

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: Update to the certificate trust policy

    Description: The certificate trust policy was updated. The complete list of certificates may be viewed at http://support.apple.com/kb/HT5012.

  • CoreGraphics

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: Viewing a maliciously crafted XBM file may lead to an unexpected application termination or arbitrary code execution

    Description: An unbounded stack allocation issue existed in the handling of XBM files. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2014-1354 : Dima Kovalenko of codedigging.com

  • Kernel

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: An application could cause the device to unexpectedly restart

    Description: A null pointer dereference existed in the handling of IOKit API arguments. This issue was addressed through additional validation of IOKit API arguments.

    CVE-ID

    CVE-2014-1355 : cunzhang from Adlab of Venustech

  • launchd

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: A malicious application may be able to execute arbitrary code with system privileges

    Description: A heap buffer overflow existed in launchd's handling of IPC messages. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2014-1356 : Ian Beer of Google Project Zero

  • launchd

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: A malicious application may be able to execute arbitrary code with system privileges

    Description: A heap buffer overflow existed in launchd's handling of log messages. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2014-1357 : Ian Beer of Google Project Zero

  • launchd

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: A malicious application may be able to execute arbitrary code with system privileges

    Description: An integer overflow existed in launchd. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2014-1358 : Ian Beer of Google Project Zero

  • launchd

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: A malicious application may be able to execute arbitrary code with system privileges

    Description: An integer underflow existed in launchd. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2014-1359 : Ian Beer of Google Project Zero

  • Lockdown

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: An attacker possessing an iOS device could potentially bypass Activation Lock

    Description: Devices were performing incomplete checks during device activation, which made it possible for malicious individuals to partially bypass Activation Lock. This issue was addressed through additional client-side verification of data received from activation servers.

    CVE-ID

    CVE-2014-1360

  • Lock Screen

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: An attacker in possession of a device may exceed the maximum number of failed passcode attempts

    Description: In some circumstances, the failed passcode attempt limit was not enforced. This issue was addressed through additional enforcement of this limit.

    CVE-ID

    CVE-2014-1352 : mblsec

  • Lock Screen

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: A person with physical access to a locked device may be able to access the application that was in the foreground prior to locking

    Description: A state management issue existed in the handling of the telephony state while in Airplane Mode. This issue was addressed through improved state management while in Airplane Mode.

    CVE-ID

    CVE-2014-1353

  • Mail

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: Mail attachments can be extracted from an iPhone 4

    Description: Data protection was not enabled for mail attachments, allowing them to be read by an attacker with physical access to the device. This issue was addressed by changing the encryption class of mail attachments.

    CVE-ID

    CVE-2014-1348 : Andreas Kurtz of NESO Security Labs

  • Safari

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

    Description: A use after free issue existed in Safari's handling of invalid URLs. This issue was addressed through improved memory handling.

    CVE-ID

    CVE-2014-1349 : Reno Robert and Dhanesh Kizhakkinan

  • Settings

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password

    Description: A state management issue existed in the handling of the Find My iPhone state. This issue was addressed through improved handling of Find My iPhone state.

    CVE-ID

    CVE-2014-1350

  • Secure Transport

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: Two bytes of uninitialized memory could be disclosed to a remote attacker

    Description: An uninitialized memory access issue existed in the handling of DTLS messages in a TLS connection. This issue was addressed by only accepting DTLS messages in a DTLS connection.

    CVE-ID

    CVE-2014-1361 : Thijs Alkemade of The Adium Project

  • Siri

    Available for: iPhone 4S and later, iPod touch (5th generation) and later, iPad (3rd generation) and later

    Impact: A person with physical access to the phone may be able to view all contacts

    Description: If a Siri request might refer to one of several contacts, Siri displays a list of possible choices and the option 'More...' for a complete contact list. When used at the lock screen, Siri did not require the passcode before viewing the complete contact list. This issue was addressed by requiring the passcode.

    CVE-ID

    CVE-2014-1351 : Sherif Hashim

  • WebKit

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

    Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.

    CVE-ID

    CVE-2013-2875 : miaubiz

    CVE-2013-2927 : cloudfuzzer

    CVE-2014-1323 : banty

    CVE-2014-1325 : Apple

    CVE-2014-1326 : Apple

    CVE-2014-1327 : Google Chrome Security Team, Apple

    CVE-2014-1329 : Google Chrome Security Team

    CVE-2014-1330 : Google Chrome Security Team

    CVE-2014-1331 : cloudfuzzer

    CVE-2014-1333 : Google Chrome Security Team

    CVE-2014-1334 : Apple

    CVE-2014-1335 : Google Chrome Security Team

    CVE-2014-1336 : Apple

    CVE-2014-1337 : Apple

    CVE-2014-1338 : Google Chrome Security Team

    CVE-2014-1339 : Atte Kettunen of OUSPG

    CVE-2014-1341 : Google Chrome Security Team

    CVE-2014-1342 : Apple

    CVE-2014-1343 : Google Chrome Security Team

    CVE-2014-1362 : Apple, miaubiz

    CVE-2014-1363 : Apple

    CVE-2014-1364 : Apple

    CVE-2014-1365 : Apple, Google Chrome Security Team

    CVE-2014-1366 : Apple

    CVE-2014-1367 : Apple

    CVE-2014-1368 : Wushi of Keen Team (Research Team of Keen Cloud Tech)

    CVE-2014-1382 : Renata Hodovan of University of Szeged / Samsung Electronics

    CVE-2014-1731 : an anonymous member of the Blink development community

  • WebKit

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: A malicious site can send messages to a connected frame or window in a way that might circumvent the receiver's origin check

    Description: An encoding issue existed in the handling of unicode characters in URLs. A maliciously crafted URL could have led to sending an incorrect postMessage origin. This issue was addressed through improved encoding/decoding.

    CVE-ID

    CVE-2014-1346 : Erling Ellingsen of Facebook

  • WebKit

    Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: A maliciously crafted website may be able to spoof its domain name in the address bar

    Description: A spoofing issue existed in the handling of URLs. This issue was addressed through improved encoding of URLs.

    CVE-ID

    CVE-2014-1345 : Erling Ellingsen of Facebook

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: