Lucene search

[email protected]CVE-2012-3738

HistorySep 20, 2012 - 9:55 p.m.

CVE-2012-3738

2012-09-2021:55:04

CWE-264

[email protected]

web.nvd.nist.gov

cve-2012-3738

emergency dialer

passcode lock

apple ios

facetime

voice dialing

access restriction

contact information

nvd

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

5.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

20.2%

JSON

The Emergency Dialer screen in the Passcode Lock implementation in Apple iOS before 6 does not properly limit the dialing methods, which allows physically proximate attackers to bypass intended access restrictions and make FaceTime calls through Voice Dialing, or obtain sensitive contact information by attempting to make a FaceTime call and reading the contact suggestions.

Affected configurations

NVD

Node

appleiphone_osRange≤5.1.1

appleiphone_osMatch1.0.0

appleiphone_osMatch1.0.1

appleiphone_osMatch1.0.2

appleiphone_osMatch1.1.0

appleiphone_osMatch1.1.1

appleiphone_osMatch1.1.2

appleiphone_osMatch1.1.3

appleiphone_osMatch1.1.4

appleiphone_osMatch1.1.5

appleiphone_osMatch2.0

appleiphone_osMatch2.0.1

appleiphone_osMatch2.0.2

appleiphone_osMatch2.1

appleiphone_osMatch2.1.1

appleiphone_osMatch2.2

appleiphone_osMatch2.2.1

appleiphone_osMatch3.0

appleiphone_osMatch3.0.1

appleiphone_osMatch3.1

appleiphone_osMatch3.1.2

appleiphone_osMatch3.1.3

appleiphone_osMatch3.2

appleiphone_osMatch3.2.1

appleiphone_osMatch3.2.2

appleiphone_osMatch4.0

appleiphone_osMatch4.0.1

appleiphone_osMatch4.0.2

appleiphone_osMatch4.1

appleiphone_osMatch4.2.1

appleiphone_osMatch4.2.5

appleiphone_osMatch4.2.8

appleiphone_osMatch4.3.0

appleiphone_osMatch4.3.1

appleiphone_osMatch4.3.2

appleiphone_osMatch4.3.3

appleiphone_osMatch4.3.5

appleiphone_osMatch5.0

appleiphone_osMatch5.0.1

appleiphone_osMatch5.1

CPENameOperatorVersion
apple:iphone_osapple iphone osle5.1.1
apple:iphone_osapple iphone oseq1.0.0
apple:iphone_osapple iphone oseq1.0.1
apple:iphone_osapple iphone oseq1.0.2
apple:iphone_osapple iphone oseq1.1.0
apple:iphone_osapple iphone oseq1.1.1
apple:iphone_osapple iphone oseq1.1.2
apple:iphone_osapple iphone oseq1.1.3
apple:iphone_osapple iphone oseq1.1.4
apple:iphone_osapple iphone oseq1.1.5

CPE	Name	Operator	Version
apple:iphone_os	apple iphone os	le	5.1.1
apple:iphone_os	apple iphone os	eq	1.0.0
apple:iphone_os	apple iphone os	eq	1.0.1
apple:iphone_os	apple iphone os	eq	1.0.2
apple:iphone_os	apple iphone os	eq	1.1.0
apple:iphone_os	apple iphone os	eq	1.1.1
apple:iphone_os	apple iphone os	eq	1.1.2
apple:iphone_os	apple iphone os	eq	1.1.3
apple:iphone_os	apple iphone os	eq	1.1.4
apple:iphone_os	apple iphone os	eq	1.1.5