ByteOS Network

NVD Vulnerability Details :

CVE-2013-0974

Deferred

Source-product-security@apple.com

Published At-29 Jan, 2013 | 05:58

Updated At-11 Apr, 2025 | 00:51

StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	5.1	MEDIUM	AV:N/AC:H/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 5.1

Base severity: MEDIUM

Vector:

AV:N/AC:H/Au:N/C:P/I:P/A:P

CPE Matches

Apple Inc.

>>iphone_os>>Versions up to 6.0.2(inclusive)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>6.0

cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>6.0.1

cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html	product-security@apple.com	Vendor Advisory
http://osvdb.org/89658	product-security@apple.com	N/A
http://support.apple.com/kb/HT5642	product-security@apple.com	Vendor Advisory
http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://osvdb.org/89658	af854a3a-2127-422b-91ae-364da2661108	N/A
http://support.apple.com/kb/HT5642	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory