Boku Kihara

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 6 **Description** The issue concerns the Restrictions implementation, also known as Parental Controls, which does not properly handle purchase attempts after a Disable Restrictions action. This allows local users to bypass an intended Apple ID authentication step via an app that performs purchase transactions. **Recommendations** For Apple iOS versions prior to 6, update to a version 6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 6 **Description** The issue concerns the Safari browser in Apple iOS, where it fails to properly restrict the use of a specific Unicode character that resembles the https lock indicator. This allows remote attackers to spoof https connections by including this character in the TITLE element of a web page. **Recommendations** For versions prior to 6, update to a version 6 or later to resolve the issue.