Vulnerabilities > CVE-2008-0034 - Unspecified vulnerability in Apple Iphone and Iphone OS
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through 1.1.2 allows users with physical access to execute applications without entering the passcode via vectors related to emergency calls.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 4 | |
| Hardware | 2 |
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 27297 CVE(CAN) ID: CVE-2008-0034 Apple iPhone是苹果最新发布的智能手机。 iPhone的Passcode Lock功能允许用户锁定手机应用,除非输入了正确的密码,否则无法启动应用程序。但在处理紧急呼叫时的实现错误允许能够物理访问iPhone手机的用户无需输入密码便可以加载应用程序。 Apple iPhone 1.0 - 1.1.2 厂商补丁: Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://www.apple.com target=_blank>http://www.apple.com</a> |
| id | SSV:2830 |
| last seen | 2017-11-19 |
| modified | 2008-01-17 |
| published | 2008-01-17 |
| reporter | Root |
| title | Apple iPhone Passcode Lock绕过安全限制漏洞 |
References
- http://lists.apple.com/archives/security-announce/2008/Jan/msg00000.html
- http://docs.info.apple.com/article.html?artnum=307302
- http://www.securityfocus.com/bid/27297
- http://www.securitytracker.com/id?1019219
- http://secunia.com/advisories/28497
- http://www.vupen.com/english/advisories/2008/0147
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39701