CVSS: 3.6EPSS: 0%CPEs: 41EXPL: 0CVE-2012-3750
https://notcve.org/view.php?id=CVE-2012-3750
The Passcode Lock implementation in Apple iOS before 6.0.1 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement and access Passbook passes via unspecified vectors. La implementación del bloqueo con Passcode en Apple iOS antes de v6.0.1 no gestiona adecuadamente el estado de bloqueo, lo que permite pasar por alto un requisito clave de acceso a atacantes físicamente próximos y acceder a las contraseñas del Passbook a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2012-11/0012.html http://lists.apple.com/archives/security-announce/2012/Nov/msg00000.html http://support.apple.com/kb/HT5567 http://www.securityfocus.com/bid/56363 https://exchange.xforce.ibmcloud.com/vulnerabilities/79747 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 40EXPL: 0CVE-2012-3730
https://notcve.org/view.php?id=CVE-2012-3730
Mail in Apple iOS before 6 does not properly handle reuse of Content-ID header values, which allows remote attackers to spoof attachments via a header value that was also used in a previous e-mail message, as demonstrated by a message from a different sender. Mail en Apple iOS anterior a v6 no implementa adecuadamente la reutilización de los valores de cabecera Content-ID, lo que permite a atacantes remosos suplantar los adjuntos a través de un valor de cabecera que se usó en un correo previo, como se ha demostrado mediante un mensaje de un remitente distinto. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/85626 http://support.apple.com/kb/HT5503 https://exchange.xforce.ibmcloud.com/vulnerabilities/78717 •
CVSS: 5.0EPSS: 0%CPEs: 40EXPL: 0CVE-2012-3724
https://notcve.org/view.php?id=CVE-2012-3724
CFNetwork in Apple iOS before 6 does not properly identify the host portion of a URL, which allows remote attackers to obtain sensitive information by leveraging the construction of an HTTP request with an incorrect hostname derived from a malformed URL. CFNetwork en Apple iOS anterior a v6 no identifica adecuadamente el host en una parte de la URL, lo que permite a atacantes remotos obtener información sensible aprovechando la construcción de una petición HTTP con un nombre de host incorrecto derivado de una URL mal formada. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/85637 http://support.apple.com/kb/HT5503 https://exchange.xforce.ibmcloud.com/vulnerabilities/78723 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.4EPSS: 0%CPEs: 40EXPL: 0CVE-2012-3732
https://notcve.org/view.php?id=CVE-2012-3732
Mail in Apple iOS before 6 uses an S/MIME message's From address as the displayed sender address, which allows remote attackers to spoof signed content via an e-mail message in which the From field does not match the signer's identity. Mail en Apple iOS anterior a v6 utiliza una dirección "desde" del tipo S/MIME para mostrar la dirección de envío, lo que permite a atacantes remotos suplantar el contenido firmado a través de un correo en el que el campo "From" (desde) no valida la identidad del firmante. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/85625 http://support.apple.com/kb/HT5503 https://exchange.xforce.ibmcloud.com/vulnerabilities/78719 • CWE-310: Cryptographic Issues •
CVSS: 6.9EPSS: 0%CPEs: 40EXPL: 0CVE-2012-3728
https://notcve.org/view.php?id=CVE-2012-3728
The kernel in Apple iOS before 6 dereferences invalid pointers during the handling of packet-filter data structures, which allows local users to gain privileges via a crafted program that makes packet-filter ioctl calls. El kernel de Apple iOS anterior a v6 no referencia punteros no válidos durante el manejo del filtrado de paquetes en las estructuras de datos, lo que permite a usuarios locales obtener privilegios a través de programas modificados que realizan llamadas ioctl. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/85629 http://support.apple.com/kb/HT5503 • CWE-264: Permissions, Privileges, and Access Controls •