Lucene search
HistoryJun 05, 2013 - 2:39 p.m.
CVE-2013-3953
cve-2013-3953
mach_port_space_info
osfmk
ipc
mach_debug.c
xnu kernel
apple
mac os x
security vulnerability
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
4.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call.
Affected configurations
Node
applemac_os_xMatch10.8.0
ORapplemac_os_xMatch10.8.1
ORapplemac_os_xMatch10.8.2
ORapplemac_os_xMatch10.8.3
ORapplemac_os_xMatch10.8.4
Node
appleiphone_osRange≤6.1.4
ORappleiphone_osMatch1.0.0
ORappleiphone_osMatch1.0.1
ORappleiphone_osMatch1.0.2
ORappleiphone_osMatch1.1.0
ORappleiphone_osMatch1.1.1
ORappleiphone_osMatch1.1.2
ORappleiphone_osMatch1.1.3
ORappleiphone_osMatch1.1.4
ORappleiphone_osMatch1.1.5
ORappleiphone_osMatch2.0
ORappleiphone_osMatch2.0.0
ORappleiphone_osMatch2.0.1
ORappleiphone_osMatch2.0.2
ORappleiphone_osMatch2.1
ORappleiphone_osMatch2.1.1
ORappleiphone_osMatch2.2
ORappleiphone_osMatch2.2.1
ORappleiphone_osMatch3.0
ORappleiphone_osMatch3.0.1
ORappleiphone_osMatch3.1
ORappleiphone_osMatch3.1.2
ORappleiphone_osMatch3.1.3
ORappleiphone_osMatch3.2
ORappleiphone_osMatch3.2.1
ORappleiphone_osMatch3.2.2
ORappleiphone_osMatch4.0
ORappleiphone_osMatch4.0.1
ORappleiphone_osMatch4.0.2
ORappleiphone_osMatch4.1
ORappleiphone_osMatch4.2.1
ORappleiphone_osMatch4.2.5
ORappleiphone_osMatch4.2.8
ORappleiphone_osMatch4.3.0
ORappleiphone_osMatch4.3.1
ORappleiphone_osMatch4.3.2
ORappleiphone_osMatch4.3.3
ORappleiphone_osMatch4.3.5
ORappleiphone_osMatch5.0
ORappleiphone_osMatch5.0.1
ORappleiphone_osMatch5.1
ORappleiphone_osMatch5.1.1
ORappleiphone_osMatch6.0
ORappleiphone_osMatch6.0.1
ORappleiphone_osMatch6.0.2
ORappleiphone_osMatch6.1
ORappleiphone_osMatch6.1.2
ORappleiphone_osMatch6.1.3
Related
prion
prion
Design/Logic Flaw
2013-06-05 14:39:00
nvd
nvd
CVE-2013-3953
2013-06-05 14:39:55
cvelist
cvelist
CVE-2013-3953
2013-06-05 10:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities - 01 (Jan 2014)
2014-01-20 00:00:00
securityvulns
securityvulns
Apple TV multiple security vulnerabilities
2013-10-02 00:00:00
APPLE-SA-2013-09-20-1 Apple TV 6.0
2013-10-02 00:00:00
Apple iPhone / iPad multiple securit vulnerabilities
2013-12-09 00:00:00
nessus
nessus
Apple TV < 6.0 Multiple Vulnerabilities
2013-10-01 00:00:00
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
4.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2013-3953