ByteOS Network

NVD Vulnerability Details :

CVE-2011-3245

Modified

Source-product-security@apple.com

Published At-14 Oct, 2011 | 10:55

Updated At-29 Apr, 2026 | 01:13

The Keyboards component in Apple iOS before 5 displays the final character of an entered password during a subsequent use of a keyboard, which allows physically proximate attackers to obtain sensitive information by reading this character.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N

Type: Primary

Version: 2.0

Base score: 2.1

Base severity: LOW

Vector:

AV:L/AC:L/Au:N/C:P/I:N/A:N

CPE Matches

Apple Inc.

>>iphone_os>>3.0

cpe:2.3:o:apple:iphone_os:3.0:-:iphone:*:*:*:*:*

Apple Inc.

>>iphone_os>>3.1

cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>3.1

cpe:2.3:o:apple:iphone_os:3.1:-:iphone:*:*:*:*:*

Apple Inc.

>>iphone_os>>3.1

cpe:2.3:o:apple:iphone_os:3.1:-:ipodtouch:*:*:*:*:*

Apple Inc.

>>iphone_os>>3.1.2

cpe:2.3:o:apple:iphone_os:3.1.2:-:iphone:*:*:*:*:*

Apple Inc.

>>iphone_os>>3.1.3

cpe:2.3:o:apple:iphone_os:3.1.3:-:iphone:*:*:*:*:*

Apple Inc.

>>iphone_os>>3.2

cpe:2.3:o:apple:iphone_os:3.2:-:iphone:*:*:*:*:*

Apple Inc.

>>iphone_os>>3.2

cpe:2.3:o:apple:iphone_os:3.2:-:ipodtouch:*:*:*:*:*

Apple Inc.

>>iphone_os>>3.2.1

cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>3.2.1

cpe:2.3:o:apple:iphone_os:3.2.1:-:ipad:*:*:*:*:*

Apple Inc.

>>iphone_os>>3.2.2

cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.0

cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.0

cpe:2.3:o:apple:iphone_os:4.0:-:iphone:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.0

cpe:2.3:o:apple:iphone_os:4.0:-:ipodtouch:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.0.1

cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.0.1

cpe:2.3:o:apple:iphone_os:4.0.1:-:iphone:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.0.1

cpe:2.3:o:apple:iphone_os:4.0.1:-:ipodtouch:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.0.2

cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.1

cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.2.1

cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.2.5

cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.2.8

cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.3.0

cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.3.1

cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.3.2

cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.3.3

cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.3.5

cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.3.5

cpe:2.3:o:apple:iphone_os:4.3.5:-:ipad:*:*:*:*:*

Apple Inc.

>>iphone_os>>4.3.5

cpe:2.3:o:apple:iphone_os:4.3.5:-:ipodtouch:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-255	Primary	nvd@nist.gov

CWE ID: CWE-255

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html	product-security@apple.com	Vendor Advisory
http://osvdb.org/76329	product-security@apple.com	N/A
http://support.apple.com/kb/HT4999	product-security@apple.com	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/70555	product-security@apple.com	N/A
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://osvdb.org/76329	af854a3a-2127-422b-91ae-364da2661108	N/A
http://support.apple.com/kb/HT4999	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/70555	af854a3a-2127-422b-91ae-364da2661108	N/A