CVE Vulnerabilities

CVE-2011-3257

Published: Oct 14, 2011 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Data Access component in Apple iOS before 5 does not properly handle the existence of multiple user accounts on the same mail server, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging a different accounts cookie.

Affected Software

Name Vendor Start Version End Version
Iphone_os Apple 4.0 4.0
Iphone_os Apple 4.3.2 4.3.2
Iphone_os Apple 4.0.2 4.0.2
Iphone_os Apple 4.0.1 4.0.1
Iphone_os Apple 3.2 3.2
Iphone_os Apple 4.2.8 4.2.8
Iphone_os Apple 4.1 4.1
Iphone_os Apple 3.1.2 3.1.2
Iphone_os Apple 4.3.5 4.3.5
Iphone_os Apple 3.1.3 3.1.3
Iphone_os Apple 4.3.1 4.3.1
Iphone_os Apple 4.2.5 4.2.5
Iphone_os Apple 3.2.1 3.2.1
Iphone_os Apple 3.1 3.1
Iphone_os Apple 4.3.5 4.3.5
Iphone_os Apple 3.1 3.1
Iphone_os Apple 3.2 3.2
Iphone_os Apple 4.3.5 4.3.5
Iphone_os Apple 4.2.1 4.2.1
Iphone_os Apple 3.0 3.0
Iphone_os Apple 4.0.1 4.0.1
Iphone_os Apple 4.3.3 4.3.3
Iphone_os Apple 4.0.1 4.0.1
Iphone_os Apple 4.0 4.0
Iphone_os Apple 3.1 3.1
Iphone_os Apple 4.0 4.0
Iphone_os Apple 4.3.0 4.3.0
Iphone_os Apple 3.2.1 3.2.1
Iphone_os Apple 3.2.2 3.2.2

References