Описание
An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Sandbox Profiles" component, which allows attackers to read photo-directory metadata via a crafted app.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.0.3 (включая)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Конфигурация 2Версия до 10.0 (включая)
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
Конфигурация 3Версия до 2.2.2 (включая)
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 45%
0.00228
Низкий
3.3 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 3.3
github
больше 3 лет назад
An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Sandbox Profiles" component, which allows attackers to read photo-directory metadata via a crafted app.
fstec
почти 9 лет назад
Уязвимость операционной системы iOS, позволяющая нарушителю получить доступ к метаданным фото-каталога
EPSS
Процентиль: 45%
0.00228
Низкий
3.3 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-200