The Restrictions (aka Parental Controls) implementation in Apple iOS before 6 does not properly handle purchase attempts after a Disable Restrictions action, which allows local users to bypass an intended Apple ID authentication step via an app that performs purchase transactions.
Max CVSS
1.9
EPSS Score
0.04%
Published
2012-09-20
Updated
2017-08-29
1 vulnerabilities found