The Assets subsystem in Apple iOS prior to 8 and Apple TV prior to 7 allows man-in-the-middle malicious users to spoof a device's update status via a crafted Last-Modified HTTP response header.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple iphone os 7.0 |
||
apple iphone os 7.1.1 |
||
apple iphone os 7.0.2 |
||
apple iphone os 7.0.1 |
||
apple iphone os 7.0.6 |
||
apple iphone os 7.0.5 |
||
apple iphone os 7.1 |
||
apple iphone os |
||
apple iphone os 7.0.4 |
||
apple iphone os 7.0.3 |
||
apple tvos 6.1 |
||
apple tvos 6.0.2 |
||
apple tvos 6.1.2 |
||
apple tvos 6.1.1 |
||
apple tvos 6.0.1 |
||
apple tvos 6.0 |
||
apple tvos |