CVE-2013-5155Improper Input Validation in Apple Iphone OS

CWE-20Improper Input Validation2 documents2 sources
Severity
7.1HIGHNVD
EPSS
0.5%
top 35.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Iphone OS
Timeline
PublishedSep 19
Latest updateMay 17

Description

The Sandbox subsystem in Apple iOS before 7 allows attackers to cause a denial of service (infinite loop) via an application that writes crafted values to /dev/random.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

NVDapple/iphone_os6.1.4+47

🔴Vulnerability Details

1
GHSA
GHSA-mggx-mjg5-9fxj: The Sandbox subsystem in Apple iOS before 7 allows attackers to cause a denial of service (infinite loop) via an application that writes crafted value2022-05-17
CVE-2013-5155 — Improper Input Validation in Apple | cvebase