358 matches found
Free Facetime Call Guide - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Free Facetime Call Guide published at the 'play' market has multiple vulnerabilities...
Apple iOS Webkit URL Handling Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Apple iOS suffers from a security vulnerability in the handling of tel://, facetime://, and facetime-audio:// URLs, which allows an attacker to construct a malicious WEB page and trick users into parsing...
UBUNTU-CVE-2015-5820
WebKit in Apple iOS before 9 allows remote attackers to trigger a dialing action via a crafted 1 tel://, 2 facetime://, or 3 facetime-audio:// URL...
The vulnerability of the iOS operating system allows a perpetrator to initiate arbitrary calls in FaceTime.
The vulnerability of the UIKit WebView component in the iOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to initiate arbitrary calls in FaceTime using a specially crafted URL...
Photos Leaked! Here's Top Features Expected in Next iPhone Release
Only 9 days are left for Apple's annual new iPhone launch event, where the company will bring its various new products but the obvious stars of the show will be the iPhone 6s and the iPhone 6s Plus. The company has not officially announced the iPhone 6S and iPhone 6S Plus yet, but a series of new...
Apple iOS WebViews FaceTime URL Parsing Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability in Apple iOS WebViews handling of FaceTime URLs allows remote attackers to exploit the vulnerability to initialize FactTime calls without user authorization...
CVE-2015-3758
UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL...
Design/Logic Flaw
UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL...
CVE-2015-3758
CVE-2015-3758 affects UIKit WebView in iOS prior to 8.4.1. The vulnerability lets an attacker bypass the user-confirmation requirement and initiate a FaceTime call via an app supplying a crafted URL, due to parsing/validation issues in WebView URL handling. Impact: potential unauthorized FaceTime...
CVE-2015-3758
UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL...
Apple Extends Two-Factor Authentication to iMessage, FaceTime
Apple extended two-factor authentication 2FA yesterday to its iMessage and FaceTime services, adding an extra layer of security to the popular iOS apps. The move, which Apple has taken to calling “two-step verification,” follows the company’s enabling of 2FA on its iCloud storage service back in...
CVE-2014-4463
Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature...
Information disclosure
Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature...
CVE-2014-4463
Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature...
CVE-2014-4463
Affected software: Apple iOS prior to 8.1.1. Issue: The FaceTime Leave a Message feature on the lock screen could allow a physically proximate attacker to bypass the lock-screen protection and view or transmit a Photo Library photo. Root cause / scope: a protection bypass via FaceTime Leave a Mes...
CVE-2014-3187
Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of 1 facetime:// and 2 facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device via a crafted web site...
Code injection
Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of 1 facetime:// and 2 facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device via a crafted web site...
CVE-2014-3187
Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of 1 facetime:// and 2 facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device via a crafted web site...
iPhone vulnerability allows the phone to automatically dial expensive toll-vulnerability warning-the black bar safety net
Developer Andrei Neculaesei,found that although Safari will ask the user whether to make a call, but like Facebook Messenger and Google+, etc. most big name applications are not and the user to confirm whether to dial the telephone, but simply go ahead and make the call. Andrei Neculaesei create ...
[CVE-2013-6835] - iOS 7.0.6 Safari/Facetime-Audio Privacy issue
Affected Vendor: https://www.apple.com/ - Affected Software: Safari/Facetime on iOS - Affected Version: iOS 7 prior to 7.1 - Issue Type: Lack of user confirmation leading to a call being established, revealing the user's identity phone number or email address - Release Date: March 10, 2014 -...