Most of the plugged vulnerabilities involve the WebKit framework used to render web pages in Safari and other applications. Apple warned that visiting a malicious website could lead to a “cross-site scripting attack”, an “unexpected application termination”, or “arbitrary code execution”, according to a security advisory.
A number of screen lock bypass issues were fixed, including a race condition in the handling of slide-to-dial gestures. “This may allow a person with physical access to the device to bypass the passcode lock screen”, Apple warned. The passcode lock flaw was discovered by Roland Kohler of the German Federal Ministry of Economics and Technology. In addition, a Siri screen lock flaw could allow an “attacker with physical access to a locked phone” to “get access to frontmost email message.”
Other flaws fixed include an issue with CFNetwork that could result in “disclosure of sensitive information” after visiting malicious websites; a problem with HFS in which “mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution”; a logic issue through which a malicious program could bypass sandbox restrictions; and a format string vulnerability in VPN through which a maliciously crafted system configuration file could result in arbitrary code execution with system privileges.
Only a few hours after Apple released iOS 5.1, the iPhone Dev Team announced that it had updated the redsn0w jailbreak tool so that it “supports a tethered 5.1 jailbreak.”