Lucene search

[email protected]NVD:CVE-2013-0974

HistoryJan 29, 2013 - 5:58 a.m.

CVE-2013-0974

2013-01-2905:58:55

[email protected]

web.nvd.nist.gov

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.1%

JSON

StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner.

Affected configurations

NVD

Node

appleiphone_osRange≤6.0.2

appleiphone_osMatch6.0

appleiphone_osMatch6.0.1

References

lists.apple.com/archives/security-announce/2013/Jan/msg00000.html

osvdb.org/89658

support.apple.com/kb/HT5642

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.1%

JSON

Related for NVD:CVE-2013-0974

prion1 cvelist1 cve1 nessus2 securityvulns1