cvelistv5 - CVE-2013-0974

CVE-2013-0974 (GCVE-0-2013-0974)

Vulnerability from cvelistv5

Published

2013-01-29 02:00

Modified

2024-08-06 14:49

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

var-201301-0342

Vulnerability from variot

StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. NOTE: This issue was previously discussed in BID 57572 (Apple iPhone/iPad/iPod touch Prior to iOS 6.1 Multiple Vulnerabilities) but has been given its own record to better document it. Apple iOS for the iPhone, the iPod touch, and the iPad is prone to multiple security vulnerabilities. These issues affect the following components: Identity Services Kernel StoreKit WebKit Successfully exploiting these issues may allow attackers to execute arbitrary script code, bypass security restrictions, obtain sensitive information, execute arbitrary code, or crash the affected device. Other attacks are also possible. This BID is being retired. The following individual records exist to better document the issues: 57576 WebKit CVE-2013-0948 Unspecified Memory Corruption Vulnerability 57580 WebKit CVE-2013-0949 Unspecified Memory Corruption Vulnerability 57581 WebKit CVE-2013-0950 Unspecified Memory Corruption Vulnerability 57582 WebKit CVE-2013-0951 Unspecified Memory Corruption Vulnerability 57583 WebKit CVE-2013-0962 Cross Site Scripting Vulnerability 57584 WebKit CVE-2013-0952 Unspecified Memory Corruption Vulnerability 57585 WebKit CVE-2013-0953 Unspecified Memory Corruption Vulnerability 57586 WebKit CVE-2013-0954 Unspecified Memory Corruption Vulnerability 57587 WebKit CVE-2013-0955 Unspecified Memory Corruption Vulnerability 57588 WebKit CVE-2013-0956 Unspecified Memory Corruption Vulnerability 57589 WebKit CVE-2013-0958 Unspecified Memory Corruption Vulnerability 57590 WebKit CVE-2013-0959 Unspecified Memory Corruption Vulnerability 57591 WebKit CVE-2013-0968 Unspecified Memory Corruption Vulnerability 57595 Apple iPhone/iPad/iPod touch Prior to iOS 6.1 Information Disclosure Vulnerability 57597 Apple iPhone/iPad/iPod touch CVE-2013-0974 Security Bypass Vulnerability 57598 Apple iPhone/iPad/iPod touch Prior to iOS 6.1 CVE-2013-0963 Security Bypass Vulnerability. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

APPLE-SA-2013-01-28-1 iOS 6.1 Software Update

iOS 6.1 Software Update is now available and addresses the following:

Identity Services Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Authentication relying on certificate-based Apple ID authentication may be bypassed Description: An error handling issue existed in Identity Services. If the user's AppleID certificate failed to validate, the user's AppleID was assumed to be the empty string. If multiple systems belonging to different users enter this state, applications relying on this identity determination may erroneously extend trust. This issue was addressed by ensuring that NULL is returned instead of an empty string. CVE-ID CVE-2013-0963

International Components for Unicode Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A canonicalization issue existed in the handling of the EUC-JP encoding, which could lead to a cross-site scripting attack on EUC-JP encoded websites. This issue was addressed by updating the EUC-JP mapping table. CVE-ID CVE-2011-3058 : Masato Kinugawa

Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A user-mode process may be able to access the first page of kernel memory Description: The iOS kernel has checks to validate that the user- mode pointer and length passed to the copyin and copyout functions would not result in a user-mode process being able to directly access kernel memory. The checks were not being used if the length was smaller than one page. This issue was addressed through additional validation of the arguments to copyin and copyout. CVE-ID CVE-2013-0964 : Mark Dowd of Azimuth Security

Security Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Several intermediate CA certificates were mistakenly issued by TURKTRUST. This may allow a man-in-the-middle attacker to redirect connections and intercept user credentials or other sensitive information. This issue was addressed by not allowing the incorrect SSL certificates. This issue was addressed by not enabling JavaScript when visiting a site with a Smart App Banner. CVE-ID CVE-2013-0974 : Andrew Plotkin of Zarfhome Software Consulting, Ben Madison of BitCloud, Marek Durcek

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2012-2824 : miaubiz CVE-2012-2857 : Arthur Gerkis CVE-2012-3606 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3607 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3621 : Skylined of the Google Chrome Security Team CVE-2012-3632 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3687 : kuzzcc CVE-2012-3701 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0951 : Apple CVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the Google Chrome Security Team CVE-2013-0955 : Apple CVE-2013-0956 : Apple Product Security CVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0968 : Aaron Nelson

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Copying and pasting content on a malicious website may lead to a cross-site scripting attack Description: A cross-site scripting issue existed in the handling of content pasted from a different origin. This issue was addressed through additional validation of pasted content. CVE-ID CVE-2013-0962 : Mario Heiderich of Cure53

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-site scripting issue existed in the handling of frame elements. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-2889 : Sergey Glazunov

WiFi Available for: iPhone 3GS, iPhone 4, iPod touch (4th generation), iPad 2 Impact: A remote attacker on the same WiFi network may be able to temporarily disable WiFi Description: An out of bounds read issue exists in Broadcom's BCM4325 and BCM4329 firmware's handling of 802.11i information elements. This issue was addressed through additional validation of 802.11i information elements. CVE-ID CVE-2012-2619 : Andres Blanco and Matias Eissler of Core Security

Installation note:

This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. The version after applying this update will be "6.1".

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJRBffvAAoJEPefwLHPlZEwzYgP/0qhsTft9TUGuphoY9tth5WB D0+8pAKs+1HU+nMOaEKPbK+zdMxblhRNPQyhMuTAQaY5Z/iGn1EXVCTlQBO8esRW epxNZuhFoaW4wzK9kvw5d/HZ9tfq059ozlFOp1TI2D6J5RwNgxDfigt2PUKCTV4X u/BONQHIfINYMofgf5897LHYYFSU2+NJj5ouM5dY4Y/kfJkwAnG5AWCAGlEt3QOo MZdaVv3/itPj4te838FYCVAepel3xBWX0Hhuu87+waHslRrIfQl+EvNk3YZXxWiF O5Hw9Ng/H8n0sbeA39w0U8tw+q/wPhVexdULgRjBH65+6g7Cu5u+rMuYuRjl8fO/ glLhKZNSrQDa5ZNOraOrF62AFVByHaSxv4cZwo262/6uH93FIBtklMt947GMVQLC 1FT0CIGNJb1/0156bvsABfRScBtK9ZdIUjXhOHMinhQJX3qiBqyKc4/juYPmC9VC KXk2/K8b0sGWQRc5RuQsSpzkZF9WcrwmgGOBIghp2DLmbAAj0uh2Ttf1GdrOaajR XpZ2TTJ5qE+IHNU0/etroTYnzjKVjQ0pODrPZj7ALLXULTraXJRJy7fqraUzsHbi AZiRca+3x/S9nqV0NpTNPZgTwxenox10t0w5vhcBK+SPGga1oVRbtOjGtVIkgoG4 KI3sdgb6PtpZWuIJ6iZA =J2jv -----END PGP SIGNATURE----- . ----------------------------------------------------------------------

The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/

TITLE: Apple iOS Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA52002

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52002/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52002

RELEASE DATE: 2013-01-29

DISCUSS ADVISORY: http://secunia.com/advisories/52002/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/52002/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=52002

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Two security issues and multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's device.

1) An error when handling a validation failure of a AppleID certificate within the IdentityService can be exploited to potentially bypass the certificate-based AppleID authentication via an invalid AppleID certificate.

2) An error exists in International Components for Unicode.

5) Multiple vulnerabilities are caused due to a bundled vulnerable version of WebKit.

Successful exploitation of vulnerabilities #3 and #5 through #17 may allow execution of arbitrary code.

18) Certain input pasted from a different origin is not properly sanitised in WebKit before being used.

19) Certain unspecified input related to frame handling is not properly sanitised before being returned to the user.

For more information see vulnerability #1 in: SA50759

NOTE: Additionally a weakness exists within the handling of 802.11i information elements within Broadcom's BCM4325 and BCM4329 firmware, which can be exploited to disable WiFi.

PROVIDED AND/OR DISCOVERED BY: 1, 9, 13, and 14) Reported by the vendor

The vendor credits: 3) Mark Dowd, Azimuth Security 4) Andrew Plotkin, Zarfhome Software Consulting, Ben Madison, BitCloud, and Marek Durcek 6, 7, 8, 10, 11, 15, and 16) Abhishek Arya (Inferno), Google Chrome Security Team 12) Dominic Cooney, Google and Martin Barbella, Google Chrome Security Team 17) Aaron Nelson 18) Mario Heiderich, Cure53

ORIGINAL ADVISORY: APPLE-SA-2013-01-28-1: http://support.apple.com/kb/HT5642

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201301-0342",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "iphone os",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.1   (ipad 2 or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.1   (iphone 3gs or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.1   (ipod touch first  4 after generation )"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1.3"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1.2"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1.1"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.3"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1.3"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.0.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.8"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.9"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.7"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.10"
      },
      {
        "model": "ios beta",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "iphone ipodtouch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1-"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "iphone ipodtouch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.2-"
      },
      {
        "model": "iphone ipodtouch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.3-"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "iphone iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1-"
      },
      {
        "model": "iphone iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.2-"
      },
      {
        "model": "iphone iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.3-"
      },
      {
        "model": "iphone ipodtouch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0-"
      },
      {
        "model": "iphone ipodtouch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2-"
      },
      {
        "model": "iphone ipodtouch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.1-"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.4"
      },
      {
        "model": "iphone iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0-"
      },
      {
        "model": "iphone iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2-"
      },
      {
        "model": "iphone iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.1-"
      },
      {
        "model": "iphone ipodtouch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0-"
      },
      {
        "model": "iphone ipodtouch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1-"
      },
      {
        "model": "iphone iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0-"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "iphone ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1-"
      },
      {
        "model": "iphone iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1-"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "57597"
      },
      {
        "db": "BID",
        "id": "57572"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-561"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0974"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:iphone_os",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Mark Dowd of Azimuth Security,  Andrew Plotkin of Zarfhome Software Consulting, Ben Madison of BitCloud, Marek Durcek, Abhishek Arya (Inferno) of the Google Chrome Security Team, Apple Product Security,  Aaron Nelson, Mario Heiderich of Cure53",
    "sources": [
      {
        "db": "BID",
        "id": "57572"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-561"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-0974",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "CVE-2013-0974",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "VHN-60976",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0974",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0974",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201301-561",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60976",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60976"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-561"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0974"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner. \nAttackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. \nNOTE: This issue was previously discussed in BID 57572 (Apple iPhone/iPad/iPod touch Prior to iOS 6.1 Multiple Vulnerabilities) but has been given its own record to better document it. Apple iOS for the iPhone, the iPod touch, and the iPad is prone to multiple security vulnerabilities.  These issues affect the following components:\nIdentity Services\nKernel\nStoreKit\nWebKit\nSuccessfully exploiting these issues may allow attackers to execute arbitrary script code, bypass security restrictions, obtain sensitive information, execute arbitrary code, or crash the affected device. Other attacks are also possible. \nThis BID is being retired. The following individual records exist to better document the issues:\n57576 WebKit CVE-2013-0948 Unspecified Memory Corruption Vulnerability\n57580 WebKit CVE-2013-0949 Unspecified Memory Corruption Vulnerability\n57581 WebKit CVE-2013-0950 Unspecified Memory Corruption Vulnerability\n57582 WebKit CVE-2013-0951 Unspecified Memory Corruption Vulnerability\n57583 WebKit CVE-2013-0962 Cross Site Scripting Vulnerability\n57584 WebKit CVE-2013-0952 Unspecified Memory Corruption Vulnerability\n57585 WebKit CVE-2013-0953 Unspecified Memory Corruption Vulnerability\n57586 WebKit CVE-2013-0954 Unspecified Memory Corruption Vulnerability\n57587 WebKit CVE-2013-0955 Unspecified Memory Corruption Vulnerability\n57588 WebKit CVE-2013-0956 Unspecified Memory Corruption Vulnerability\n57589 WebKit CVE-2013-0958 Unspecified Memory Corruption Vulnerability\n57590 WebKit CVE-2013-0959 Unspecified Memory Corruption Vulnerability\n57591 WebKit CVE-2013-0968 Unspecified Memory Corruption Vulnerability\n57595 Apple iPhone/iPad/iPod touch Prior to iOS 6.1 Information Disclosure Vulnerability\n57597 Apple iPhone/iPad/iPod touch CVE-2013-0974 Security Bypass Vulnerability\n57598 Apple iPhone/iPad/iPod touch Prior to iOS 6.1 CVE-2013-0963 Security Bypass Vulnerability. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-01-28-1 iOS 6.1 Software Update\n\niOS 6.1 Software Update is now available and addresses the following:\n\nIdentity Services\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Authentication relying on certificate-based Apple ID\nauthentication may be bypassed\nDescription:  An error handling issue existed in Identity Services. \nIf the user\u0027s AppleID certificate failed to validate, the user\u0027s\nAppleID was assumed to be the empty string. If multiple systems\nbelonging to different users enter this state, applications relying\non this identity determination may erroneously extend trust. This\nissue was addressed by ensuring that NULL is returned instead of an\nempty string. \nCVE-ID\nCVE-2013-0963\n\nInternational Components for Unicode\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A canonicalization issue existed in the handling of the\nEUC-JP encoding, which could lead to a cross-site scripting attack on\nEUC-JP encoded websites. This issue was addressed by updating the\nEUC-JP mapping table. \nCVE-ID\nCVE-2011-3058 : Masato Kinugawa\n\nKernel\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A user-mode process may be able to access the first page of\nkernel memory\nDescription:  The iOS kernel has checks to validate that the user-\nmode pointer and length passed to the copyin and copyout functions\nwould not result in a user-mode process being able to directly access\nkernel memory. The checks were not being used if the length was\nsmaller than one page. This issue was addressed through additional\nvalidation of the arguments to copyin and copyout. \nCVE-ID\nCVE-2013-0964 : Mark Dowd of Azimuth Security\n\nSecurity\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  An attacker with a privileged network position may intercept\nuser credentials or other sensitive information\nDescription:  Several intermediate CA certificates were mistakenly\nissued by TURKTRUST. This may allow a man-in-the-middle attacker to\nredirect connections and intercept user credentials or other\nsensitive information. This issue was addressed by not allowing the\nincorrect SSL certificates. This issue was addressed by not\nenabling JavaScript when visiting a site with a Smart App Banner. \nCVE-ID\nCVE-2013-0974 : Andrew Plotkin of Zarfhome Software Consulting, Ben\nMadison of BitCloud, Marek Durcek\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2012-2824 : miaubiz\nCVE-2012-2857 : Arthur Gerkis\nCVE-2012-3606 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3607 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3621 : Skylined of the Google Chrome Security Team\nCVE-2012-3632 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3687 : kuzzcc\nCVE-2012-3701 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0951 : Apple\nCVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the\nGoogle Chrome Security Team\nCVE-2013-0955 : Apple\nCVE-2013-0956 : Apple Product Security\nCVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0968 : Aaron Nelson\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Copying and pasting content on a malicious website may lead\nto a cross-site scripting attack\nDescription:  A cross-site scripting issue existed in the handling of\ncontent pasted from a different origin. This issue was addressed\nthrough additional validation of pasted content. \nCVE-ID\nCVE-2013-0962 : Mario Heiderich of Cure53\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-site scripting issue existed in the handling of\nframe elements. This issue was addressed through improved origin\ntracking. \nCVE-ID\nCVE-2012-2889 : Sergey Glazunov\n\nWiFi\nAvailable for:  iPhone 3GS, iPhone 4, iPod touch (4th generation),\niPad 2\nImpact:  A remote attacker on the same WiFi network may be able to\ntemporarily disable WiFi\nDescription:  An out of bounds read issue exists in Broadcom\u0027s\nBCM4325 and BCM4329 firmware\u0027s handling of 802.11i information\nelements. This issue was addressed through additional validation of\n802.11i information elements. \nCVE-ID\nCVE-2012-2619 : Andres Blanco and Matias Eissler of Core Security\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. The version after applying this update\nwill be \"6.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJRBffvAAoJEPefwLHPlZEwzYgP/0qhsTft9TUGuphoY9tth5WB\nD0+8pAKs+1HU+nMOaEKPbK+zdMxblhRNPQyhMuTAQaY5Z/iGn1EXVCTlQBO8esRW\nepxNZuhFoaW4wzK9kvw5d/HZ9tfq059ozlFOp1TI2D6J5RwNgxDfigt2PUKCTV4X\nu/BONQHIfINYMofgf5897LHYYFSU2+NJj5ouM5dY4Y/kfJkwAnG5AWCAGlEt3QOo\nMZdaVv3/itPj4te838FYCVAepel3xBWX0Hhuu87+waHslRrIfQl+EvNk3YZXxWiF\nO5Hw9Ng/H8n0sbeA39w0U8tw+q/wPhVexdULgRjBH65+6g7Cu5u+rMuYuRjl8fO/\nglLhKZNSrQDa5ZNOraOrF62AFVByHaSxv4cZwo262/6uH93FIBtklMt947GMVQLC\n1FT0CIGNJb1/0156bvsABfRScBtK9ZdIUjXhOHMinhQJX3qiBqyKc4/juYPmC9VC\nKXk2/K8b0sGWQRc5RuQsSpzkZF9WcrwmgGOBIghp2DLmbAAj0uh2Ttf1GdrOaajR\nXpZ2TTJ5qE+IHNU0/etroTYnzjKVjQ0pODrPZj7ALLXULTraXJRJy7fqraUzsHbi\nAZiRca+3x/S9nqV0NpTNPZgTwxenox10t0w5vhcBK+SPGga1oVRbtOjGtVIkgoG4\nKI3sdgb6PtpZWuIJ6iZA\n=J2jv\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nApple iOS Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52002\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52002/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52002\n\nRELEASE DATE:\n2013-01-29\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52002/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52002/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52002\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo security issues and multiple vulnerabilities have been reported\nin Apple iOS, which can be exploited by malicious people to conduct\ncross-site scripting attacks, bypass certain security restrictions,\nand compromise a user\u0027s device. \n\n1) An error when handling a validation failure of a AppleID\ncertificate within the IdentityService can be exploited to\npotentially bypass the certificate-based AppleID authentication via\nan invalid AppleID certificate. \n\n2) An error exists in International Components for Unicode. \n\n5) Multiple vulnerabilities are caused due to a bundled vulnerable\nversion of WebKit. \n\nSuccessful exploitation of vulnerabilities #3 and #5 through #17 may\nallow execution of arbitrary code. \n\n18) Certain input pasted from a different origin is not properly\nsanitised in WebKit before being used. \n\n19) Certain unspecified input related to frame handling is not\nproperly sanitised before being returned to the user. \n\nFor more information see vulnerability #1 in:\nSA50759\n\nNOTE: Additionally a weakness exists within the handling of 802.11i\ninformation elements within Broadcom\u0027s BCM4325 and BCM4329 firmware,\nwhich can be exploited to disable WiFi. \n\nPROVIDED AND/OR DISCOVERED BY:\n1, 9, 13, and 14) Reported by the vendor\n\nThe vendor credits:\n3) Mark Dowd, Azimuth Security\n4) Andrew Plotkin, Zarfhome Software Consulting, Ben Madison,\nBitCloud, and Marek Durcek\n6, 7, 8, 10, 11, 15, and 16) Abhishek Arya (Inferno), Google Chrome\nSecurity Team\n12) Dominic Cooney, Google and Martin Barbella, Google Chrome\nSecurity Team\n17) Aaron Nelson\n18) Mario Heiderich, Cure53\n\nORIGINAL ADVISORY:\nAPPLE-SA-2013-01-28-1:\nhttp://support.apple.com/kb/HT5642\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0974"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      },
      {
        "db": "BID",
        "id": "57597"
      },
      {
        "db": "BID",
        "id": "57572"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60976"
      },
      {
        "db": "PACKETSTORM",
        "id": "119897"
      },
      {
        "db": "PACKETSTORM",
        "id": "119887"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0974",
        "trust": 2.9
      },
      {
        "db": "OSVDB",
        "id": "89658",
        "trust": 1.1
      },
      {
        "db": "BID",
        "id": "57572",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001317",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-561",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "52002",
        "trust": 0.7
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2013-01-28-1",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "57597",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-60976",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "119897",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "119887",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60976"
      },
      {
        "db": "BID",
        "id": "57597"
      },
      {
        "db": "BID",
        "id": "57572"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      },
      {
        "db": "PACKETSTORM",
        "id": "119897"
      },
      {
        "db": "PACKETSTORM",
        "id": "119887"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-561"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0974"
      }
    ]
  },
  "id": "VAR-201301-0342",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60976"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T20:13:59.515000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APPLE-SA-2013-01-28-1",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
      },
      {
        "title": "HT5642",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5642"
      },
      {
        "title": "HT5642",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5642?viewlocale=ja_JP"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-DesignError",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0974"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://support.apple.com/kb/ht5642"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2013/jan/msg00000.html"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/89658"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0974"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0974"
      },
      {
        "trust": 0.6,
        "url": "http://www.apple.com/iphone/softwareupdate/"
      },
      {
        "trust": 0.6,
        "url": "http://www.apple.com/ipad/"
      },
      {
        "trust": 0.6,
        "url": "http://www.apple.com/iphone/"
      },
      {
        "trust": 0.6,
        "url": "http://www.apple.com/ipodtouch/"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/52002"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/57572"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/itunes/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0956"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3687"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3632"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0954"
      },
      {
        "trust": 0.1,
        "url": "http://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0955"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0948"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2889"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3621"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0959"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0952"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0958"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3701"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0949"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0962"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0968"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3058"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2857"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2619"
      },
      {
        "trust": 0.1,
        "url": "http://gpgtools.org"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0950"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0964"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0951"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0974"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2824"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0953"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3606"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3607"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0963"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52002"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/52002/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/blog/325/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/52002/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60976"
      },
      {
        "db": "BID",
        "id": "57597"
      },
      {
        "db": "BID",
        "id": "57572"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      },
      {
        "db": "PACKETSTORM",
        "id": "119897"
      },
      {
        "db": "PACKETSTORM",
        "id": "119887"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-561"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0974"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-60976"
      },
      {
        "db": "BID",
        "id": "57597"
      },
      {
        "db": "BID",
        "id": "57572"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      },
      {
        "db": "PACKETSTORM",
        "id": "119897"
      },
      {
        "db": "PACKETSTORM",
        "id": "119887"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-561"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0974"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-01-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60976"
      },
      {
        "date": "2013-01-28T00:00:00",
        "db": "BID",
        "id": "57597"
      },
      {
        "date": "2013-01-28T00:00:00",
        "db": "BID",
        "id": "57572"
      },
      {
        "date": "2013-01-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      },
      {
        "date": "2013-01-30T02:53:29",
        "db": "PACKETSTORM",
        "id": "119897"
      },
      {
        "date": "2013-01-29T06:19:58",
        "db": "PACKETSTORM",
        "id": "119887"
      },
      {
        "date": "2013-01-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201301-561"
      },
      {
        "date": "2013-01-29T05:58:55.023000",
        "db": "NVD",
        "id": "CVE-2013-0974"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-02-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60976"
      },
      {
        "date": "2013-01-28T00:00:00",
        "db": "BID",
        "id": "57597"
      },
      {
        "date": "2013-01-29T12:40:00",
        "db": "BID",
        "id": "57572"
      },
      {
        "date": "2013-01-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      },
      {
        "date": "2013-02-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201301-561"
      },
      {
        "date": "2024-11-21T01:48:33.747000",
        "db": "NVD",
        "id": "CVE-2013-0974"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "57597"
      },
      {
        "db": "BID",
        "id": "57572"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple iOS 6.1 Less than  StoreKit Vulnerable to access restrictions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001317"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "57597"
      },
      {
        "db": "BID",
        "id": "57572"
      }
    ],
    "trust": 0.6
  }
}

gsd-2013-0974

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2013-0974

Aliases

CVE-2013-0974

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-0974",
    "description": "StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner.",
    "id": "GSD-2013-0974"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-0974"
      ],
      "details": "StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner.",
      "id": "GSD-2013-0974",
      "modified": "2023-12-13T01:22:14.635826Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2013-0974",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://support.apple.com/kb/HT5642",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5642"
          },
          {
            "name": "89658",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/89658"
          },
          {
            "name": "APPLE-SA-2013-01-28-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.0.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-0974"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT5642",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT5642"
            },
            {
              "name": "APPLE-SA-2013-01-28-1",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
            },
            {
              "name": "89658",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/89658"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2013-02-05T20:20Z",
      "publishedDate": "2013-01-29T05:58Z"
    }
  }
}

fkie_cve-2013-0974

Vulnerability from fkie_nvd

Published

2013-01-29 05:58

Modified

2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html	Vendor Advisory
product-security@apple.com	http://osvdb.org/89658
product-security@apple.com	http://support.apple.com/kb/HT5642	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/89658
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5642	Vendor Advisory

Impacted products

Vendor	Product	Version
apple	iphone_os	*
apple	iphone_os	6.0
apple	iphone_os	6.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FD52712-0484-421B-A5DD-2CF0B4C027BD",
              "versionEndIncluding": "6.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEE0068D-C699-4646-9658-610409925A79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87C215DD-BC98-4283-BF13-69556EF7CB78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner."
    },
    {
      "lang": "es",
      "value": "StoreKit en Apple iOS anterior a v6.1, no maneja adecuadamente la desactivaci\u00f3n de JavaScript dentro de la configuraci\u00f3n de las preferencias de Safari, lo que permite a atacantes remotos evitar las restricciones de acceso y la ejecuci\u00f3n de JavaScript a trav\u00e9s de un sitio web con un Smart App Banner."
    }
  ],
  "id": "CVE-2013-0974",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-01-29T05:58:55.023",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://osvdb.org/89658"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/89658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5642"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2013-AVI-075

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans Apple iOS. Certaines d'entre elles permettent à un attaquant d'exécuter du code arbitraire à distance au moyen de pages Web spécialement conçues.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple iOS versions antérieures à 6.1

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

ghsa-8w2f-ww3v-rhjq

Vulnerability from github

Published

2022-05-17 05:15

Modified

2022-05-17 05:15

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-0974"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-01-29T05:58:00Z",
    "severity": "MODERATE"
  },
  "details": "StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner.",
  "id": "GHSA-8w2f-ww3v-rhjq",
  "modified": "2022-05-17T05:15:50Z",
  "published": "2022-05-17T05:15:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0974"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/89658"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5642"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2013-0974 (GCVE-0-2013-0974)

Vulnerability from cvelistv5

var-201301-0342

Vulnerability from variot

gsd-2013-0974

Vulnerability from gsd

fkie_cve-2013-0974

Vulnerability from fkie_nvd

CERTA-2013-AVI-075

Vulnerability from certfr_avis

Solution

ghsa-8w2f-ww3v-rhjq

Vulnerability from github

Tags

Sightings

Nomenclature