exploitDog

CVE-2012-0645

Опубликовано: 08 мар. 2012

Источник: nvd

CVSS2: 1.2

EPSS Низкий

Описание

Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient.

Ссылки

http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
Mailing List
Vendor Advisory
http://secunia.com/advisories/48288
Third Party Advisory
http://www.securitytracker.com/id?1026774
Third Party Advisory
VDB Entry
http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
Mailing List
Vendor Advisory
http://secunia.com/advisories/48288
Third Party Advisory
http://www.securitytracker.com/id?1026774
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 5.1 (исключая)

EPSS

Процентиль: 26%

0.00092

Низкий

1.2 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-8j9f-f493-r9mh

github

больше 3 лет назад

Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient.

EPSS

Процентиль: 26%

0.00092

Низкий

1.2 Low

CVSS2

Дефекты

CWE-264