For one, the update addresses a vulnerability that allows maliciously crafted or compromised iOS applications to determine addresses in the kernel. An information disclosure issue existed in the handling of APIs related to kernel extensions, Apple said.
“Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection,” the company noted. “This issue was addressed by unsliding the addresses before returning them.”
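What "unsliding" amounts to, as an added illustration that is not Apple's code and not part of the original article: before a copy of the Mach-O headers is handed back to the caller, the boot-time randomization offset (the slide) is subtracted from every segment and section address in it. The function names, the locally declared structs and the rule used to decide whether an address was slid are assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Minimal 64-bit Mach-O layouts, declared here so the example builds anywhere. */
#define MH_MAGIC_64   0xfeedfacfu
#define LC_SEGMENT_64 0x19u
struct mach_header_64 { uint32_t magic, cputype, cpusubtype, filetype, ncmds, sizeofcmds, flags, reserved; };
struct load_command   { uint32_t cmd, cmdsize; };
struct segment_command_64 {
    uint32_t cmd, cmdsize; char segname[16];
    uint64_t vmaddr, vmsize, fileoff, filesize;
    uint32_t maxprot, initprot, nsects, flags;
};
struct section_64 {
    char sectname[16], segname[16];
    uint64_t addr, size;
    uint32_t offset, align, reloff, nreloc, flags, reserved1, reserved2, reserved3;
};

/* A slid address is static + slide, so anything below slide was never slid (assumption). */
static uint64_t unslide(uint64_t a, uint64_t slide) { return a >= slide ? a - slide : a; }
/* Rewrite a COPY of the headers in place. Returns 0, or -1 if malformed (do not return it). */
int unslide_macho_headers(uint8_t *buf, size_t len, uint64_t slide)
{
    struct mach_header_64 mh;
    if (len < sizeof mh) return -1;
    memcpy(&mh, buf, sizeof mh);
    if (mh.magic != MH_MAGIC_64 || mh.sizeofcmds > len - sizeof mh) return -1;
    size_t off = sizeof mh, end = sizeof mh + mh.sizeofcmds;
    for (uint32_t i = 0; i < mh.ncmds; i++) {
        struct load_command lc;
        if (end - off < sizeof lc) return -1;
        memcpy(&lc, buf + off, sizeof lc);
        if (lc.cmdsize < sizeof lc || lc.cmdsize > end - off) return -1;
        if (lc.cmd == LC_SEGMENT_64) {
            struct segment_command_64 seg;
            if (lc.cmdsize < sizeof seg) return -1;
            memcpy(&seg, buf + off, sizeof seg);
            if (seg.nsects > (lc.cmdsize - sizeof seg) / sizeof(struct section_64)) return -1;
            seg.vmaddr = unslide(seg.vmaddr, slide);      /* segment base address */
            memcpy(buf + off, &seg, sizeof seg);
            for (uint32_t s = 0; s < seg.nsects; s++) {   /* each section's address too */
                uint8_t *p = buf + off + sizeof seg + s * sizeof(struct section_64) + offsetof(struct section_64, addr);
                uint64_t a; memcpy(&a, p, sizeof a); a = unslide(a, slide); memcpy(p, &a, sizeof a);
            }
        }
        off += lc.cmdsize;
    }
    return 0;
}
```

Section addresses have to be rewritten along with the segment base: any one leftover slid pointer is enough for a caller to recover the slide.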
Meanwhile, the CVE-2012-3749 vulnerability, discovered by Mark Dowd of Azimuth Security, Eric Monti of Square and additional anonymous researchers, allows a person with physical access to the device to access Passbook passes without entering a passcode.
“A state management issue existed in the handling of Passbook passes at the lock screen,” Apple noted in its security brief. “This issue was addressed through improved handling of Passbook passes.”
CVE-2012-3750, discovered by researcher Anton Tsviatkou, opened the door for maliciously crafted websites to cause unexpected application terminations or arbitrary code execution.
“A time of check to time of use issue existed in the handling of JavaScript arrays,” Apple said. “This issue was addressed through additional validation of JavaScript arrays.”
CVE-2012-3748 was identified by Joost Pol and Daan Keuper of Certified Secure, working with HP TippingPoint's Zero Day Initiative, and it likewise allowed maliciously crafted websites to cause unexpected application terminations or arbitrary code execution. “A use after free issue existed in the handling of SVG images,” Apple said. “This issue was addressed through improved memory handling.”