Critical Vulnerability in Apple IOS PDF Document Reader
Summary
A remote code execution vulnerability in Apple's PDF viewer for its IOS operating system is being actively exploited in the wild. Remote attackers can trigger this flaw by enticing a user to open a specially crafted PDF file. Successful exploitation of this vulnerability allows the execution of arbitrary code on the targeted device.
Details
The IOS operating system is used on some of Apple's mobile devices, including the iPhone, Touch, and iPad. The Portable Document Format (PDF) is an open standard, originally created by Adobe Systems, that allows document sharing across multiple platforms and operating systems.
A vulnerability exists in IOS's PDF document viewer, in the way that it handles True Type Font content in a document. This can be exploited by convincing a user to open a maliciously crafted PDF document, which allows an attacker to gain elevated privileges on the mobile device. The attacker can then bypass Apple's code signing mechanism, establish root privileges and run arbitrary code on the device -- potentially allowing personal data exfiltration, remote control of the device's camera, locate the device via its GPS capability, etc.
Affected Products
This issue affects Apple mobile devices running IOS 4.3.3 and earlier.
Solution
Check Point's IPS Software Blade provides protection against this vulnerability at the network level in the latest IPS update by detecting and blocking the transferal of malformed PDF files via HTTP. For more information see CPAI-2011-338.
Originally Published:
Last Updated: 12-Jul-2011