This script is Copyright (C) 2013-2024 and is owned by Tenable, Inc. or an Affiliate thereof.APPLE_IOS_613_CHECK.NBINApple iOS < 6.1.3 Multiple Vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
97.7%
The mobile device is running a version of iOS that is older than version 6.1.3. This version contains security-related fixes for the following issues :
-
A state management error exists related to โMach-Oโ files and overlapping segments that could allow execution of unsigned code. (CVE-2013-0977)
-
An error exists related to the ARM prefetch abort handler that could allow disclosure of sensitive information. (CVE-2013-0978)
-
An error exists related to โlockdowndโ and file permissions restrictions. (CVE-2013-0979)
-
An error exists related to screen locking that could allow unauthorized access. (CVE-2013-0980)
-
An error exists related to IOUSBDeviceFamily driver used pipe object pointers that could allow execution of arbitrary code. (CVE-2013-0981)
-
A variable casting error exists related to the bundled โWebKitโ component and SVG handling. (CVE-2013-0912)
Binary data apple_ios_613_check.nbinReferences
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0977
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0978
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0979
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0980
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0981
lists.apple.com/archives/security-announce/2013/Mar/msg00004.html
support.apple.com/en-us/HT202706
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
97.7%