The Data Access component in Apple iOS before 5 does not properly handle the existence of multiple user accounts on the same mail server, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging a different account's cookie.
2011-10-14T10:55:10.183
2025-04-11T00:51:21.963
Deferred
CVSSv2: 2.1 (LOW)
AV:L/AC:L/Au:N/C:P/I:N/A:N
3.9
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | apple | iphone_os | 3.0 | Yes |
Operating System | apple | iphone_os | 3.1 | Yes |
Operating System | apple | iphone_os | 3.1 | Yes |
Operating System | apple | iphone_os | 3.1 | Yes |
Operating System | apple | iphone_os | 3.1.2 | Yes |
Operating System | apple | iphone_os | 3.1.3 | Yes |
Operating System | apple | iphone_os | 3.2 | Yes |
Operating System | apple | iphone_os | 3.2 | Yes |
Operating System | apple | iphone_os | 3.2.1 | Yes |
Operating System | apple | iphone_os | 3.2.1 | Yes |
Operating System | apple | iphone_os | 3.2.2 | Yes |
Operating System | apple | iphone_os | 4.0 | Yes |
Operating System | apple | iphone_os | 4.0 | Yes |
Operating System | apple | iphone_os | 4.0 | Yes |
Operating System | apple | iphone_os | 4.0.1 | Yes |
Operating System | apple | iphone_os | 4.0.1 | Yes |
Operating System | apple | iphone_os | 4.0.1 | Yes |
Operating System | apple | iphone_os | 4.0.2 | Yes |
Operating System | apple | iphone_os | 4.1 | Yes |
Operating System | apple | iphone_os | 4.2.1 | Yes |
Operating System | apple | iphone_os | 4.2.5 | Yes |
Operating System | apple | iphone_os | 4.2.8 | Yes |
Operating System | apple | iphone_os | 4.3.0 | Yes |
Operating System | apple | iphone_os | 4.3.1 | Yes |
Operating System | apple | iphone_os | 4.3.2 | Yes |
Operating System | apple | iphone_os | 4.3.3 | Yes |
Operating System | apple | iphone_os | 4.3.5 | Yes |
Operating System | apple | iphone_os | 4.3.5 | Yes |
Operating System | apple | iphone_os | 4.3.5 | Yes |