Lucene search

PRIOn knowledge basePRION:CVE-2012-3749

HistoryNov 03, 2012 - 5:55 p.m.

Authentication flaw

2012-11-0317:55:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.9%

JSON

The extensions APIs in the kernel in Apple iOS before 6.0.1 provide kernel addresses in responses that contain an OSBundleMachOHeaders key, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted app.

CPENameOperatorVersion
iphone_oseq3.0
iphone_oseq3.2
iphone_oseq3.1.3
iphone_oseq1.0.2
iphone_oseq4.3.2
iphone_oseq4.0.2
iphone_oseq2.2
iphone_oseq1.1.1
iphone_oseq4.2.8
iphone_oseq4.1

Name	Operator	Version
iphone_os	eq	3.0
iphone_os	eq	3.2
iphone_os	eq	3.1.3
iphone_os	eq	1.0.2
iphone_os	eq	4.3.2
iphone_os	eq	4.0.2
iphone_os	eq	2.2
iphone_os	eq	1.1.1
iphone_os	eq	4.2.8
iphone_os	eq	4.1

Rows per page:

1-10 of 411

References

archives.neohapsis.com/archives/bugtraq/2012-11/0012.html

lists.apple.com/archives/security-announce/2012/Nov/msg00000.html

lists.apple.com/archives/security-announce/2013/Mar/msg00002.html

secunia.com/advisories/51445

support.apple.com/kb/HT5567

support.apple.com/kb/HT5598

www.securityfocus.com/bid/56361

6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.9%

JSON

Related for PRION:CVE-2012-3749