CVE-2008-0034

Unspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through 1.1.2 allows users with physical access to execute applications without entering the passcode via vectors related to emergency calls.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.apple.com/archives/security-announce/2008/Jan/msg00000.html
http://docs.info.apple.com/article.html?artnum=307302
http://www.securityfocus.com/bid/27297
http://www.securitytracker.com/id?1019219
http://secunia.com/advisories/28497
http://www.vupen.com/english/advisories/2008/0147
https://exchange.xforce.ibmcloud.com/vulnerabilities/39701

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:iphone_os:1.0.2:::::::*
	cpe:2.3:h:apple:iphone:1.0:::::::*
	cpe:2.3:o:apple:iphone_os:1.1.1:::::::*
	cpe:2.3:o:apple:iphone_os:1.1.2:::::::*
	cpe:2.3:o:apple:iphone_os:1.0.1:::::::*
	cpe:2.3:h:apple:iphone:1.02:::::::*

Information

Published : 2008-01-15 18:00

Updated : 2022-08-09 06:46

NVD link : CVE-2008-0034

Mitre link : CVE-2008-0034

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

apple

iphone_os
iphone

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://lists.apple.com/archives/security-announce/2008/Jan/msg00000.html", "name": "APPLE-SA-2008-01-15", "tags": [], "refsource": "APPLE"}, {"url": "http://docs.info.apple.com/article.html?artnum=307302", "name": "http://docs.info.apple.com/article.html?artnum=307302", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/27297", "name": "27297", "tags": [], "refsource": "BID"}, {"url": "http://www.securitytracker.com/id?1019219", "name": "1019219", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/28497", "name": "28497", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2008/0147", "name": "ADV-2008-0147", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39701", "name": "iphone-passcode-lock-security-bypass(39701)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through 1.1.2 allows users with physical access to execute applications without entering the passcode via vectors related to emergency calls."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-0034", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2008-01-16T02:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:apple:iphone:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:apple:iphone:1.02:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-08-09T13:46Z"}