CVE-2013-3948 in Apple iOS信息

摘要 (英语)

Apple iOS 6.1.3 does not follow redirects during determination of the hostname to display in an iOS Enterprise Deployment installation dialog, which makes it easier for remote attackers to trigger installation of arbitrary applications via a download-manifest itms-services:// URL that leverages an open redirect vulnerability within a trusted domain.

预定

2013-06-05

披露

2013-06-05

条目

VulDB provides additional information and datapoints for this CVE:

标识符	漏洞	CWE	可利用	对策	CVE
9023	Apple iOS Enterprise Deployment Process itms-services: 权限提升	20	概念验证	未定义	CVE-2013-3948

描述

CPE

CWE

CVSS

漏洞利用

历史

差异

连接

威胁情报

API JSON

API XML

API CSV

◂ 上一步一览下一步 ▸

Do you know our Splunk app?

Download it now for free!