CVE-2012-3738

The Emergency Dialer screen in the Passcode Lock implementation in Apple iOS before 6 does not properly limit the dialing methods, which allows physically proximate attackers to bypass intended access restrictions and make FaceTime calls through Voice Dialing, or obtain sensitive contact information by attempting to make a FaceTime call and reading the contact suggestions.

Published: Sep 20, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-3738
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:P/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
apple / iphone_os	3.0	3.0.x
apple / iphone_os	3.2	3.2.x
apple / iphone_os	3.1.3	3.1.3.x
apple / iphone_os	1.0.2	1.0.2.x
apple / iphone_os	4.3.2	4.3.2.x
apple / iphone_os	4.0.2	4.0.2.x
apple / iphone_os	2.2	2.2.x
apple / iphone_os	1.1.1	1.1.1.x
apple / iphone_os	5.1	5.1.x
apple / iphone_os	4.2.8	4.2.8.x
apple / iphone_os	-	5.1.1.x
apple / iphone_os	4.1	4.1.x
apple / iphone_os	3.1.2	3.1.2.x
apple / iphone_os	3.0.1	3.0.1.x
apple / iphone_os	4.3.1	4.3.1.x
apple / iphone_os	4.2.5	4.2.5.x
apple / iphone_os	1.1.2	1.1.2.x
apple / iphone_os	3.1	3.1.x
apple / iphone_os	1.1.3	1.1.3.x
apple / iphone_os	1.1.0	1.1.0.x
apple / iphone_os	1.0.1	1.0.1.x
apple / iphone_os	2.1	2.1.x
apple / iphone_os	4.3.5	4.3.5.x
apple / iphone_os	4.2.1	4.2.1.x
apple / iphone_os	1.1.5	1.1.5.x
apple / iphone_os	4.0.1	4.0.1.x
apple / iphone_os	4.3.3	4.3.3.x
apple / iphone_os	5.0.1	5.0.1.x
apple / iphone_os	2.1.1	2.1.1.x
apple / iphone_os	1.1.4	1.1.4.x
apple / iphone_os	5.0	5.0.x
apple / iphone_os	1.0.0	1.0.0.x
apple / iphone_os	2.0.2	2.0.2.x
apple / iphone_os	2.0	2.0.x
apple / iphone_os	2.0.1	2.0.1.x
apple / iphone_os	4.0	4.0.x
apple / iphone_os	4.3.0	4.3.0.x
apple / iphone_os	2.2.1	2.2.1.x
apple / iphone_os	3.2.1	3.2.1.x
apple / iphone_os	3.2.2	3.2.2.x

Vulnerability Database

CVE-2012-3738