Security Advisory

CVE-2013-5156

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-09-19 10:00:00

Last updated 2024-08-06 17:06:51

Assigner apple

State PUBLISHED

Description

The Telephony subsystem in Apple iOS before 7 does not require API conformity for access to telephony-daemon interfaces, which allows attackers to bypass intended restrictions on phone calls via a crafted app that sends direct requests to the daemon.

← Browse all CVEs View on cve.org ↗