Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0963

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2013-0963
Last Modified 15 Mar 2013 11:39:45
Published 29 Jan 2013 12:58:54
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2013-0963

Summary

Identity Services in Apple iOS before 6.1 does not properly handle validation failures of AppleID certificates, which might allow physically proximate attackers to bypass authentication by leveraging an incorrect assignment of an empty string value to an AppleID.

Vulnerable Systems

Operating System

  • Apple Iphone Os 1.0.0

  • Apple Iphone Os 1.0.1

  • Apple Iphone Os 1.0.2

  • Apple Iphone Os 1.1.0

  • Apple Iphone Os 1.1.1

  • Apple Iphone Os 1.1.2

  • Apple Iphone Os 1.1.3

  • Apple Iphone Os 1.1.4

  • Apple Iphone Os 1.1.5

  • Apple Iphone Os 2.0

  • Apple Iphone Os 2.0.0

  • Apple Iphone Os 2.0.1

  • Apple Iphone Os 2.0.2

  • Apple Iphone Os 2.1

  • Apple Iphone Os 2.1.1

  • Apple Iphone Os 2.2

  • Apple Iphone Os 2.2.1

  • Apple Iphone Os 3.0

  • Apple Iphone Os 3.0.1

  • Apple Iphone Os 3.1

  • Apple Iphone Os 3.1.2

  • Apple Iphone Os 3.1.3

  • Apple Iphone Os 3.2

  • Apple Iphone Os 3.2.1

  • Apple Iphone Os 3.2.2

  • Apple Iphone Os 4.0

  • Apple Iphone Os 4.0.1

  • Apple Iphone Os 4.0.2

  • Apple Iphone Os 4.1

  • Apple Iphone Os 4.2.1

  • Apple Iphone Os 4.2.5

  • Apple Iphone Os 4.2.8

  • Apple Iphone Os 4.3.0

  • Apple Iphone Os 4.3.1

  • Apple Iphone Os 4.3.2

  • Apple Iphone Os 4.3.3

  • Apple Iphone Os 4.3.5

  • Apple Iphone Os 5.0

  • Apple Iphone Os 5.0.1

  • Apple Iphone Os 5.1

  • Apple Iphone Os 5.1.1

  • Apple Iphone Os 6.0

  • Apple Iphone Os 6.0.1

  • Apple Iphone Os 6.0.2


References

CONFIRM - http://support.apple.com/kb/HT5642

APPLE - APPLE-SA-2013-01-28-1

APPLE - APPLE-SA-2013-03-14-1

Related Patches

Apple 2013-03-14 Mac OS X 10.8.3 Update (Rev 2)

Apple 2013-03-14 Mac OS X 10.8.3 Combo Update (Rev 3)

Apple 2013-03-14 Security Update 2013-001 Server (Lion)

Apple 2013-03-14 Security Update 2013-001 (Lion)


Last Updated: 27 May 2016 10:58:32