The Telephony subsystem in Apple iOS before 7 does not require API conformity for access to telephony-daemon interfaces, which allows attackers to bypass intended restrictions on phone calls via a crafted app that sends direct requests to the daemon.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2013-09-19T10:00:00
Updated: 2024-08-06T17:06:51.644Z
Reserved: 2013-08-15T00:00:00
Link: CVE-2013-5156
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2013-09-19T10:28:01.053
Modified: 2013-10-22T19:52:04.683
Link: CVE-2013-5156
Redhat
No data.