CVE-2012-0646

Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon…

apple·CWE-134·Published 2012-03-08

CVSS

—

EPSS

0.05

KEV

Exploits

cve.orgen

149 chars

Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.

NVDen

149 chars

Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.

NVDes

229 chars

Una vulnerabilidad de formato de cadena en la VPN de Apple iOS antes de v5.1 permite a atcantes remotos ejecutar código de su elección a través de un fichero de configuración racoon.conf específicamente configurado para este fin.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	9.3	8.6	10.0	AV:N/AC:M/Au:N/C:C/I:C/A:C