3 matches found
Path traversal
sys/openbsd/stackprotector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the...
CVE-2013-3951
CVE-2013-3951 affects Apple iOS 6.1.3 and Mac OS X 10.8.x. Kernel/XNU stack cookies could be bypassed due to improper generation/parsing of user-space stack cookies, allowing local attackers to bypass cookie randomization via a stack-guard= path. Exploitation is described in the kernel context as...
Apple Releases iOS 6.1.3
Apple has released iOS 6.1.3 for the iPhone 3GS or later, iPod touch 4th generation or later, and iPad 2 or later to address multiple vulnerabilities. These vulnerabilities may allow an attacker to operate with elevated privileges, bypass security features or execute arbitrary code. US-CERT...