Three of the vulnerabilities could allow someone to run code remotely, if an iPhone or iPod Touch user opened malicious audio or image files, or accessed a malicious FTP (File Transfer Protocol) server, Apple said.
Another vulnerability could allow someone with physical access to one of the devices to bypass the passcode on a locked device and access the data.
The patch affects iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod Touch. More information is on the Apple security Web page.
All the latest Apple news, featuring developments on the iPhone, iPad, Macbooks, OS X and much more.
Feb 22Apple's next-gen campus 'Apple Park' nearing launch
Feb 22Futuristic Apple 'spaceship' headquarters to open in April
Feb 22iPhone owners in US spent $40 each on apps in 2016
Feb 21iPhone 8 camera overhaul could 3D scan your face, says report