CVE-2013-0966

2013-03-15T20:55:00
ID CVE-2013-0966
Type cve
Reporter cve@mitre.org
Modified 2013-03-18T16:52:00

Description

The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.