Thread: iphone 4 just announced.
View Single Post
Old 08-13-2010, 01:11 PM   #805
newcigarz
Smoke and Mirrors
 
newcigarz's Avatar
 
Join Date: Oct 2008
Location: On the bottom shelf
Posts: 3,139
Trading: (15)
HUpmann
newcigarz has disabled reputation
Default Re: iphone 4 just announced.
Quote:
Originally Posted by Chingas View Post
Thanks for the warning. I won't update. Are we missing anything outlandish in this update?
The only reason for the update was the security issue with .pdf. This was the issue that allowed the new iphones to be jailbroken.

iOS 4.0.2 Update for iPhone and iPod touch
FreeType

CVE-ID: CVE-2010-1797

Available for: iOS 2.0 through 4.0.1 for iPhone 3G and later, iOS 2.1 through 4.0 for iPod touch (2nd generation) and later

Impact: Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution

Description: A stack buffer overflow exists in FreeType's handling of CFF opcodes. Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution. This issue is addressed through improved bounds checking.
newcigarz is offline   Reply With Quote