Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs
prior to 5.1.1; iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2
Two vulnerabilities were reported in Apple iOS. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can spoof the address bar URL.
A remote user can create a specially crafted file that, when loaded by the target user, will trigger a memory corruption error in WebKit and execute arbitrary code on the target system. The code will run with the privileges of the target user.
A remote user can create specially crafted HTML that, when loaded by the target user, will exploit a flaw in Safari and direct the target user to a spoofed site with a URL that appears to be a legitimate domain. OS X is not affected.
A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
The vendor has issued a fix (5.1.1).