VAR-201311-0289
Vulnerability from variot - Updated: 2025-04-11 23:11The App Store component in Apple iOS before 7.0.4 does not properly enforce an intended transaction-time password requirement, which allows local users to complete a (1) App purchase or (2) In-App purchase by leveraging previous entry of Apple ID credentials. Attackers with physical access to device can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Versions prior to Apple iOS 7.0.4 are vulnerable. It allows users to browse and download some applications developed by iOS SDK or Mac SDK through the iTunes Store platform. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2013-11-14-1 iOS 7.0.4
iOS 7.0.4 is now available and addresses the following:
App Store Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: App and In-App purchases may be completed with insufficient authorization Description: A signed-in user may be able to complete a transaction without providing a password when prompted. This issue was addressed by additional enforcement of purchase authorization. CVE-ID CVE-2013-5193
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "7.0.4".
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJSg/3rAAoJEPefwLHPlZEwrmwQALOZgzGi4w65EqFokRc/CPdi qLnSiSdi8IyoZ2y//v2jiTiOoI7F+3ugf1HgYGcZFt+1d20y37QnlKYqEDU3z2O7 J3YuKj8qF9IrdZUOMzmirbfizxLI1+4egJj0iDGHWkylTK03y7GPAjTxhUItk6D+ rzaXOH6uqKrNEo3zFSU7QGx7Sn9dCg8xUoV6gD+wDwsB8Bqu2Qh1hkWAer10+0SF TuMpENhuHtUg++y6msoh+Q77Wj37tXV0WlGgwAMFeHUtqgVKpw2dHOugUUFFoE4l 8MatQxvLzW2P0YkbSDgbhbfrz0Op2isnfuHbTSNrUWYhs+pvgb6Zh0SlKQSC2aqa rxTCxk5TG+OFiX4TOAGnEhcQMAvWmLEy/z/HtRIoduhdviL1ysFP3aaDqvE34YjD DRgTRoFuENpqsx1a07pcA47xNogY6pMd8X5/EnvJKKEjSlCvnqlyApXX2U8Bg3Om fA6f7YJQi/7e3/eCdYDY0uam896vk8hXoiqhV/PmCbs2kCoesWWUF6T80uqUtEzQ do/guugRHR4gcqyjrnSAFjLaYG1JYWT+wsYtPVwpw4ZBkICIyn6NZ3vjMGN64mCi wQA0p57TdIeM6z37yxTmzDwwSJE0nNd0XS7AWGY0+r78gezyKbssAaljHhBfjRTG ucZNjTlJ1QL7WoFsqeM1 =erop -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0289",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "7.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.0.4 (ipad 2 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.0.4 (iphone 4 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.0.4 (ipod touch first 5 after generation )"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.4"
}
],
"sources": [
{
"db": "BID",
"id": "63723"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005128"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-230"
},
{
"db": "NVD",
"id": "CVE-2013-5193"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005128"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "BID",
"id": "63723"
},
{
"db": "PACKETSTORM",
"id": "124027"
}
],
"trust": 0.4
},
"cve": "CVE-2013-5193",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "CVE-2013-5193",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "VHN-65195",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:N/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-5193",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-5193",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-230",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-65195",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65195"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005128"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-230"
},
{
"db": "NVD",
"id": "CVE-2013-5193"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The App Store component in Apple iOS before 7.0.4 does not properly enforce an intended transaction-time password requirement, which allows local users to complete a (1) App purchase or (2) In-App purchase by leveraging previous entry of Apple ID credentials. \nAttackers with physical access to device can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. \nVersions prior to Apple iOS 7.0.4 are vulnerable. It allows users to browse and download some applications developed by iOS SDK or Mac SDK through the iTunes Store platform. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-11-14-1 iOS 7.0.4\n\niOS 7.0.4 is now available and addresses the following:\n\nApp Store\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: App and In-App purchases may be completed with insufficient\nauthorization\nDescription: A signed-in user may be able to complete a transaction\nwithout providing a password when prompted. This issue was addressed\nby additional enforcement of purchase authorization. \nCVE-ID\nCVE-2013-5193\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"7.0.4\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJSg/3rAAoJEPefwLHPlZEwrmwQALOZgzGi4w65EqFokRc/CPdi\nqLnSiSdi8IyoZ2y//v2jiTiOoI7F+3ugf1HgYGcZFt+1d20y37QnlKYqEDU3z2O7\nJ3YuKj8qF9IrdZUOMzmirbfizxLI1+4egJj0iDGHWkylTK03y7GPAjTxhUItk6D+\nrzaXOH6uqKrNEo3zFSU7QGx7Sn9dCg8xUoV6gD+wDwsB8Bqu2Qh1hkWAer10+0SF\nTuMpENhuHtUg++y6msoh+Q77Wj37tXV0WlGgwAMFeHUtqgVKpw2dHOugUUFFoE4l\n8MatQxvLzW2P0YkbSDgbhbfrz0Op2isnfuHbTSNrUWYhs+pvgb6Zh0SlKQSC2aqa\nrxTCxk5TG+OFiX4TOAGnEhcQMAvWmLEy/z/HtRIoduhdviL1ysFP3aaDqvE34YjD\nDRgTRoFuENpqsx1a07pcA47xNogY6pMd8X5/EnvJKKEjSlCvnqlyApXX2U8Bg3Om\nfA6f7YJQi/7e3/eCdYDY0uam896vk8hXoiqhV/PmCbs2kCoesWWUF6T80uqUtEzQ\ndo/guugRHR4gcqyjrnSAFjLaYG1JYWT+wsYtPVwpw4ZBkICIyn6NZ3vjMGN64mCi\nwQA0p57TdIeM6z37yxTmzDwwSJE0nNd0XS7AWGY0+r78gezyKbssAaljHhBfjRTG\nucZNjTlJ1QL7WoFsqeM1\n=erop\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5193"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005128"
},
{
"db": "BID",
"id": "63723"
},
{
"db": "VULHUB",
"id": "VHN-65195"
},
{
"db": "PACKETSTORM",
"id": "124027"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-65195",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65195"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-5193",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005128",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-230",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2013-11-14-1",
"trust": 0.6
},
{
"db": "BID",
"id": "63723",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "124027",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-61074",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-65195",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65195"
},
{
"db": "BID",
"id": "63723"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005128"
},
{
"db": "PACKETSTORM",
"id": "124027"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-230"
},
{
"db": "NVD",
"id": "CVE-2013-5193"
}
]
},
"id": "VAR-201311-0289",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-65195"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T23:11:58.902000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2013-11-14-1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2013/Nov/msg00000.html"
},
{
"title": "HT6058",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6058"
},
{
"title": "HT6058",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6058?viewlocale=ja_JP"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005128"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65195"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005128"
},
{
"db": "NVD",
"id": "CVE-2013-5193"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://lists.apple.com/archives/security-announce/2013/nov/msg00000.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht6058"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5193"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5193"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ios/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ipad/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/iphone/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ipodtouch/"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5193"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65195"
},
{
"db": "BID",
"id": "63723"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005128"
},
{
"db": "PACKETSTORM",
"id": "124027"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-230"
},
{
"db": "NVD",
"id": "CVE-2013-5193"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-65195"
},
{
"db": "BID",
"id": "63723"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005128"
},
{
"db": "PACKETSTORM",
"id": "124027"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-230"
},
{
"db": "NVD",
"id": "CVE-2013-5193"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-18T00:00:00",
"db": "VULHUB",
"id": "VHN-65195"
},
{
"date": "2013-11-14T00:00:00",
"db": "BID",
"id": "63723"
},
{
"date": "2013-11-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005128"
},
{
"date": "2013-11-15T13:13:13",
"db": "PACKETSTORM",
"id": "124027"
},
{
"date": "2013-11-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-230"
},
{
"date": "2013-11-18T02:55:09.750000",
"db": "NVD",
"id": "CVE-2013-5193"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-20T00:00:00",
"db": "VULHUB",
"id": "VHN-65195"
},
{
"date": "2015-03-19T08:27:00",
"db": "BID",
"id": "63723"
},
{
"date": "2013-11-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005128"
},
{
"date": "2013-12-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-230"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-5193"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "63723"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-230"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple iOS of App Store Vulnerability in completing app purchases or in-app purchases in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005128"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-230"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…