CVE-2012-3738 Information

Description

The Emergency Dialer screen in the Passcode Lock implementation in Apple iOS before 6 does not properly limit the dialing methods which allows physically proximate attackers to bypass intended access restrictions and make FaceTime calls through Voice Dialing or obtain sensitive contact information by attempting to make a FaceTime call and reading the contact suggestions.

Reference

http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/85620 http://support.apple.com/kb/HT5503