Описание
The Networking subsystem in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, uses predictable TCP initial sequence numbers, which allows remote attackers to spoof or hijack a TCP connection.
Ссылки
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.0.0 (включая) до 2.0.2 (включая)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02524
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-330
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
The Networking subsystem in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, uses predictable TCP initial sequence numbers, which allows remote attackers to spoof or hijack a TCP connection.
EPSS
Процентиль: 85%
0.02524
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-330