Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2024 and is owned by Tenable, Inc. or an Affiliate thereof.APPLE_IOS_61_CHECK.NBIN
HistoryJan 29, 2013 - 12:00 a.m.

Apple iOS < 6.1 Multiple Vulnerabilities

2013-01-2900:00:00
This script is Copyright (C) 2013-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.109 Low

EPSS

Percentile

95.2%

JSON

The mobile device is running a version of iOS that is older than version 6.1. This version contains security-related fixes for the following issues :

  • An error related to ‘EUC-JP’ encoding could allow cross- site scripting attacks. (CVE-2011-3058)

  • An out-of-bounds read error exists related to 802.11i information handling that could allow remote attackers to disable WiFi. (CVE-2012-2619)

  • An error exists related to certificate-based ‘Apple ID’ authentication that could allow improper trust extension. (CVE-2013-0963)

  • An error exists related to the ‘copyin’ and ‘copyout’ functions that could allow a user-mode process to access the first page of kernel memory. (CVE-2013-0964)

  • An error exists related to Mobile Safari preferences that could improperly allow JavaScript to be enabled after a user has disabled it.
    (CVE-2013-0974)

  • Many errors exist related to the bundled ‘WebKit’ components. (CVE-2012-2824, CVE-2012-2857, CVE-2012-2889, CVE-2012-3606, CVE-2012-3607, CVE-2012-3621, CVE-2012-3632, CVE-2012-3687, CVE-2012-3701, CVE-2013-0948, CVE-2013-0949, CVE-2013-0950, CVE-2013-0951, CVE-2013-0952, CVE-2013-0953, CVE-2013-0954, CVE-2013-0955, CVE-2013-0956, CVE-2013-0958, CVE-2013-0959, CVE-2013-0962, CVE-2013-0968)

  • Two intermediate certificates, improperly issued by TURKTRUST certificate authority, are incorrectly trusted.

Binary data apple_ios_61_check.nbin
VendorProductVersionCPE
appleiphone_oscpe:/o:apple:iphone_os

References

Related

securityvulns 11
nessus 23
threatpost 2
seebug 4
ubuntucve 23
cvelist 27
cve 27
prion 27
debiancve 5
nvd 27
cert 1
thn 1
packetstorm 1
openvas 16
freebsd 1
chrome 1
gentoo 2
securityvulns
securityvulns
APPLE-SA-2013-01-28-1 iOS 6.1 Software Update
2013-02-04 00:00:00
APPLE-SA-2013-03-14-2 Safari 6.0.3
2013-03-24 00:00:00
Safari / WebKit multiple security vulnerabilities
2013-03-24 00:00:00
nessus
nessus
Apple iOS < 6.1 Multiple Vulnerabilities
2013-01-30 00:00:00
Safari < 6.0.3 Multiple Vulnerabilities
2013-03-15 00:00:00
Mac OS X : Apple Safari < 6.0.3 Multiple Vulnerabilities
2013-03-15 00:00:00
threatpost
threatpost
Apple Releases iOS 6.1 With Fixes for More Than 20 Vulnerabilities
2013-01-29 14:25:53
Google Releases Chrome 18, Fixes Nine Security Flaws
2012-03-29 11:40:54
seebug
seebug
Apple TV 5.x多个安全漏洞
2013-02-03 00:00:00
Apple iPhone/iPad/iPod touch CVE-2013-0963验证绕过漏洞
2013-02-03 00:00:00
Apple iPhone/iPad/iPod touch iOS 6.1之前版本安全绕过漏洞
2013-01-30 00:00:00
ubuntucve
ubuntucve
CVE-2011-3058
2012-03-30 00:00:00
CVE-2012-2824
2012-06-27 00:00:00
CVE-2013-0950
2013-01-29 00:00:00
cvelist
cvelist
CVE-2011-3058
2012-03-30 22:00:00
CVE-2013-0962
2013-01-29 02:00:00
CVE-2012-2824
2012-06-27 10:00:00
cve
cve
CVE-2012-2824
2012-06-27 10:18:39
CVE-2013-0958
2013-01-29 05:58:54
CVE-2012-3687
2012-09-13 10:30:20
prion
prion
Design/Logic Flaw
2012-06-27 10:18:00
Cross site scripting
2013-01-29 05:58:00
Out-of-bounds
2012-11-14 12:30:00
debiancve
debiancve
CVE-2012-2824
2012-06-27 10:18:00
CVE-2011-3058
2012-03-30 22:55:00
CVE-2012-2857
2012-08-06 15:55:00
nvd
nvd
CVE-2013-0962
2013-01-29 05:58:54
CVE-2012-2824
2012-06-27 10:18:39
CVE-2012-3687
2012-09-13 10:30:20
cert
cert
Broadcom BCM4325 and BCM4329 wireless chipset denial-of-service vulnerability
2012-10-23 00:00:00
thn
thn
Smartphone wireless chipset vulnerable to DoS attack
2012-10-25 17:58:00
packetstorm
packetstorm
Broadcom BCM4325 / BCM4329 Denial Of Service
2012-11-16 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities (Oct 2012) - Mac OS X
2012-10-01 00:00:00
Apple Safari Multiple Vulnerabilities - Oct 2012 (Mac OS X)
2012-10-01 00:00:00
Google Chrome Multiple Vulnerabilities - April 12 (MAC OS X)
2012-04-05 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2012-03-28 00:00:00
chrome
chrome
Stable Channel Release and Beta Channel Update
2012-03-28 00:00:00
gentoo
gentoo
Chromium, V8: Multiple vulnerabilities
2012-03-30 00:00:00
Chromium: Multiple vulnerabilities
2012-08-14 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.109 Low

EPSS

Percentile

95.2%

JSON
Related for APPLE_IOS_61_CHECK.NBIN
securityvulns11nessus23threatpost2seebug4ubuntucve23cvelist27cve27prion27debiancve5nvd27cert1thn1packetstorm1openvas16freebsd1chrome1gentoo2