CVE-2013-0957 — Apple Iphone OS vulnerability

CWE-26427 documents3 sources

Severity

5.8MEDIUMNVD

EPSS

0.3%

top 47.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Iphone OS

Timeline

PublishedSep 19

Latest updateMay 17

Description

Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an app in the third-party sandbox.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

▶NVDapple/iphone_os6.1.4+47

🔴Vulnerability Details

GHSA

GHSA-72wc-vmc9-xm7f: Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Eras↗2022-05-17

▶

💬Community

Bugzilla

CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124)↗2013-06-17

▶

Bugzilla

CVE-2013-2445 OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805)↗2013-06-17

▶

Bugzilla

CVE-2013-2455 OpenJDK: getEnclosing* checks (Libraries, 8007812)↗2013-06-17

▶

Bugzilla

CVE-2013-2448 OpenJDK: Better access restrictions (Sound, 8006328)↗2013-06-17

▶

Bugzilla

CVE-2013-2461 OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281)↗2013-06-17

▶