CVE-2012-0645

Low CVSS 1.2

Overview

Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient.

CWE: CWE-264 Published: 2012-03-08T22:55:04.247

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 1.2 (LOW)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags