Lucene search
HistoryDec 17, 2013 - 3:21 p.m.
CVE-2013-7127
apple
safari
mac os x
cleartext credentials
lastsession.plist
sensitive information
local users
cve-2013-7127
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Apple Safari 6.0.5 on Mac OS X 10.7.5 and 10.8.5 stores cleartext credentials in LastSession.plist, which allows local users to obtain sensitive information by reading this file.
Affected configurations
Node
applesafariMatch6.0.5
applemac_os_xMatch10.7.5
ORapplemac_os_xMatch10.8.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:safari | apple safari | eq | 6.0.5 |
| apple:mac_os_x | apple mac os x | eq | 10.7.5 |
| apple:mac_os_x | apple mac os x | eq | 10.8.5 |
Related
prion
prion
Design/Logic Flaw
2013-12-17 15:21:00
cvelist
cvelist
CVE-2013-7127
2013-12-17 11:00:00
openvas
openvas
Apple Safari Information Disclosure Vulnerability (Dec 2013) - Mac OS X
2013-12-19 00:00:00
nvd
nvd
CVE-2013-7127
2013-12-17 15:21:28
nessus
nessus
Mac OS X : Apple Safari < 6.1 Multiple Vulnerabilities
2013-10-23 00:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2013-7127