CVE-2013-5193

The App Store component in Apple iOS before 7.0.4 does not properly enforce an intended transaction-time password requirement, which allows local users to complete a (1) App purchase or (2) In-App purchase by leveraging previous entry of Apple ID credentials.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Information

Published : 2013-11-17 18:55

Updated : 2013-11-19 16:24


NVD link : CVE-2013-5193

Mitre link : CVE-2013-5193


JSON object : View

CWE
CWE-255

Credentials Management Errors

Advertisement

dedicated server usa

Products Affected

apple

  • iphone_os