Lucene search
RootSSV:60626HistoryFeb 03, 2013 - 12:00 a.m.
Apple iPhone/iPad/iPod touch CVE-2013-0963验证绕过漏洞
2013-02-0300:00:00
Root
www.seebug.org
16
0.001 Low
EPSS
Percentile
39.8%
Bugtraq ID:57572
CVE ID:CVE-2013-0963
Apple iOS是一款运行在苹果iPhone和iPod touch设备上的最新的操作系统。
Apple iOS身份识别服务存在一个安全漏洞,如果用户的AppleID证书验证失败,则用户的AppleID会假定为空字符串。如果属于不同用户的多系统进入这种状态,依赖此身份判断的应用程序会错误的扩展信任范围,可允许攻击者绕过基于证书的Apple ID验证。
0
Apple iOS 6.1之前版本
Apple iPhone/iPad/iPod touch
厂商解决方案
Apple iOS 6.1已经修复此漏洞,建议用户下载使用:
http://www.apple.com/iphone/softwareupdate/
Related
cvelist
cvelist
CVE-2013-0963
2013-01-29 02:00:00
nvd
nvd
CVE-2013-0963
2013-01-29 05:58:54
prion
prion
Authentication flaw
2013-01-29 05:58:00
seebug
seebug
Apple iPhone/iPad/iPod touch iOS 6.1之前版本安全绕过漏洞
2013-01-30 00:00:00
cve
cve
CVE-2013-0963
2013-01-29 05:58:54
nessus
nessus
Mac OS X 10.8.x < 10.8.3 Multiple Vulnerabilities
2013-03-15 00:00:00
Mac OS X 10.8 < 10.8.3 Multiple Vulnerabilities (Security Update 2013-001)
2013-03-16 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2013-001)
2013-03-15 00:00:00
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2013-03-24 00:00:00
APPLE-SA-2013-01-28-1 iOS 6.1 Software Update
2013-02-04 00:00:00