Lucene search
K

358 matches found

hackapp
hackapp
added 2016/04/01 8:48 a.m.13 views

Free Facetime Call Guide - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Free Facetime Call Guide published at the 'play' market has multiple vulnerabilities...

0.9AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/09/20 12:0 a.m.4 views

Apple iOS Webkit URL Handling Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Apple iOS suffers from a security vulnerability in the handling of tel://, facetime://, and facetime-audio:// URLs, which allows an attacker to construct a malicious WEB page and trick users into parsing...

4.3CVSS6.5AI score0.01926EPSS
Exploits0References1
OSV
OSV
added 2015/09/18 10:59 a.m.5 views

UBUNTU-CVE-2015-5820

WebKit in Apple iOS before 9 allows remote attackers to trigger a dialing action via a crafted 1 tel://, 2 facetime://, or 3 facetime-audio:// URL...

4.3CVSS5.9AI score0.01926EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2015/09/08 12:0 a.m.8 views

The vulnerability of the iOS operating system allows a perpetrator to initiate arbitrary calls in FaceTime.

The vulnerability of the UIKit WebView component in the iOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to initiate arbitrary calls in FaceTime using a specially crafted URL...

4.3CVSS5.6AI score0.01374EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2015/08/30 9:14 p.m.19 views

Photos Leaked! Here's Top Features Expected in Next iPhone Release

Only 9 days are left for Apple's annual new iPhone launch event, where the company will bring its various new products but the obvious stars of the show will be the iPhone 6s and the iPhone 6s Plus. The company has not officially announced the iPhone 6S and iPhone 6S Plus yet, but a series of new...

6.5AI score
Exploits0
CNVD
CNVD
added 2015/08/18 12:0 a.m.5 views

Apple iOS WebViews FaceTime URL Parsing Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability in Apple iOS WebViews handling of FaceTime URLs allows remote attackers to exploit the vulnerability to initialize FactTime calls without user authorization...

4.3CVSS6.6AI score0.01374EPSS
Exploits0References1
NVD
NVD
added 2015/08/16 11:59 p.m.16 views

CVE-2015-3758

UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL...

4.3CVSS5.8AI score0.01374EPSS
Exploits0References4
Prion
Prion
added 2015/08/16 11:59 p.m.15 views

Design/Logic Flaw

UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL...

4.3CVSS6.2AI score0.01374EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2015/08/16 11:0 p.m.50 views

CVE-2015-3758

CVE-2015-3758 affects UIKit WebView in iOS prior to 8.4.1. The vulnerability lets an attacker bypass the user-confirmation requirement and initiate a FaceTime call via an app supplying a crafted URL, due to parsing/validation issues in WebView URL handling. Impact: potential unauthorized FaceTime...

4.3CVSS5.9AI score0.01374EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2015/08/16 11:0 p.m.23 views

CVE-2015-3758

UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL...

5.8AI score0.01374EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2015/02/13 11:14 a.m.12 views

Apple Extends Two-Factor Authentication to iMessage, FaceTime

Apple extended two-factor authentication 2FA yesterday to its iMessage and FaceTime services, adding an extra layer of security to the popular iOS apps. The move, which Apple has taken to calling “two-step verification,” follows the company’s enabling of 2FA on its iCloud storage service back in...

1.1AI score
Exploits0References3
NVD
NVD
added 2014/11/18 11:59 a.m.17 views

CVE-2014-4463

Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature...

2.1CVSS5.8AI score0.00341EPSS
Exploits0References7
Prion
Prion
added 2014/11/18 11:59 a.m.18 views

Information disclosure

Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature...

2.1CVSS6.2AI score0.00341EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2014/11/18 11:0 a.m.18 views

CVE-2014-4463

Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature...

5.8AI score0.00341EPSS
Exploits0References7
CVE
CVE
added 2014/11/18 11:0 a.m.46 views

CVE-2014-4463

Affected software: Apple iOS prior to 8.1.1. Issue: The FaceTime Leave a Message feature on the lock screen could allow a physically proximate attacker to bypass the lock-screen protection and view or transmit a Photo Library photo. Root cause / scope: a protection bypass via FaceTime Leave a Mes...

2.1CVSS5.9AI score0.00341EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2014/10/08 10:55 a.m.21 views

CVE-2014-3187

Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of 1 facetime:// and 2 facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device via a crafted web site...

6.8CVSS6AI score0.00812EPSS
Exploits0References4
Prion
Prion
added 2014/10/08 10:55 a.m.20 views

Code injection

Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of 1 facetime:// and 2 facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device via a crafted web site...

6.8CVSS6.5AI score0.00812EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/10/08 10:0 a.m.24 views

CVE-2014-3187

Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of 1 facetime:// and 2 facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device via a crafted web site...

6AI score0.00812EPSS
Exploits0References4
myhack58
myhack58
added 2014/08/23 12:0 a.m.15 views

iPhone vulnerability allows the phone to automatically dial expensive toll-vulnerability warning-the black bar safety net

Developer Andrei Neculaesei,found that although Safari will ask the user whether to make a call, but like Facebook Messenger and Google+, etc. most big name applications are not and the user to confirm whether to dial the telephone, but simply go ahead and make the call. Andrei Neculaesei create ...

1.4AI score
Exploits0
securityvulns
securityvulns
added 2014/03/31 12:0 a.m.69 views

[CVE-2013-6835] - iOS 7.0.6 Safari/Facetime-Audio Privacy issue

Affected Vendor: https://www.apple.com/ - Affected Software: Safari/Facetime on iOS - Affected Version: iOS 7 prior to 7.1 - Issue Type: Lack of user confirmation leading to a call being established, revealing the user's identity phone number or email address - Release Date: March 10, 2014 -...

5CVSS0.5AI score0.06792EPSS
Exploits3
Rows per page
Query Builder