Code execution holes in iPhone OS, iPod Touch
Apple has shipped a patch to cover five documented vulnerabilities that expose iPhone and iPod Touch users to malicious hacker attacks.
The most serious flaw could allow remote code execution if an iPhone/iPod Touch user opens audio and image files. Here’s the skinny on the vulnerabilities being patched with this iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod Touch update:
CoreAudio (CVE-2010-0036)
ImageIO (CVE-2009-2285)
Recovery Mode (CVE-2010-0038)
WebKit (CVE-2009-3384)
WebKit (CVE-2009-2841)