Lucene search

PRIOn knowledge basePRION:CVE-2013-3953

HistoryJun 05, 2013 - 2:39 p.m.

Design/Logic Flaw

2013-06-0514:39:00

PRIOn knowledge base

www.prio-n.com

5.4 Medium

AI Score

Confidence

Low

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

0.0004 Low

EPSS

Percentile

5.4%

JSON

The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call.

CPENameOperatorVersion
iphone_oseq6.1.2
iphone_oseq3.0
iphone_oseq3.2
iphone_oseq3.1.3
iphone_oseq1.0.2
iphone_oseq4.3.2
iphone_oseq4.0.2
iphone_osle6.1.4
iphone_oseq2.2
iphone_oseq1.1.1

Name	Operator	Version
iphone_os	eq	6.1.2
iphone_os	eq	3.0
iphone_os	eq	3.2
iphone_os	eq	3.1.3
iphone_os	eq	1.0.2
iphone_os	eq	4.3.2
iphone_os	eq	4.0.2
iphone_os	le	6.1.4
iphone_os	eq	2.2
iphone_os	eq	1.1.1

Rows per page:

1-10 of 531

References

antid0te.com/syscan_2013/SyScan2013_Mountain_Lion_iOS_Vulnerabilities_Garage_Sale_Whitepaper.pdf

lists.apple.com/archives/security-announce/2013/Sep/msg00006.html

support.apple.com/kb/HT5934

www.securitytracker.com/id/1029054

www.syscan.org/index.php/sg/program/day/2

5.4 Medium

AI Score

Confidence

Low

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2013-3953