CVE-2012-3738

Sažetak

The Emergency Dialer screen in the Passcode Lock implementation in Apple iOS before 6 does not properly limit the dialing methods, which allows physically proximate attackers to bypass intended access restrictions and make FaceTime calls through Voice Dialing, or obtain sensitive contact information by attempting to make a FaceTime call and reading the contact suggestions.

Reference

http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://osvdb.org/85620
http://support.apple.com/kb/HT5503

CVSS

Base:	3.6
Impact:	4.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

26-03-2013 - 03:37

Objavljeno

20-09-2012 - 21:55