Lucene search
K

25 matches found

Prion
Prion
added 2013/06/05 2:39 p.m.24 views

Design/Logic Flaw

The posixspawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the POSIXSPAWNDISABLEASLR and POSIXSPAWNALLOWDATAEXEC flags for setuid and setgid programs, which allows local users to bypass intended access restrictions via a wrapper program that calls the...

2.1CVSS6.2AI score0.00494EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2013/06/05 10:0 a.m.23 views

CVE-2013-3954

The posixspawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to 1 cause a denial of service panic via a size value that is inconsistent with a header count field, or 2 obtain sensitive...

5.8AI score0.00416EPSS
Exploits1References7
Cvelist
Cvelist
added 2013/06/05 10:0 a.m.61 views

CVE-2013-3949

The posixspawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the POSIXSPAWNDISABLEASLR and POSIXSPAWNALLOWDATAEXEC flags for setuid and setgid programs, which allows local users to bypass intended access restrictions via a wrapper program that calls the...

5.8AI score0.00494EPSS
Exploits1References2
CVE
CVE
added 2013/06/05 10:0 a.m.47 views

CVE-2013-3954

CVE-2013-3954 affects Apple OS X/macOS kernels (e.g., OS X 10.8.x) where the posix_spawn API arguments to file/port actions are not properly validated. The underlying cause is insufficient bounds checking on data for file actions and port actions, enabling a local attacker to trigger a panic (DoS...

6.9CVSS5.8AI score0.00416EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2013/06/05 10:0 a.m.58 views

CVE-2013-3949

The CVE-2013-3949 entry concerns the XNU kernel used in Apple Mac OS X 10.8.x. The issue arises in the posix_spawn system call, which does not prevent the use of _POSIX_SPAWN_DISABLE_ASLR and _POSIX_SPAWN_ALLOW_DATA_EXEC flags for setuid/setgid programs. This enables local users to bypass intende...

2.1CVSS5.9AI score0.00494EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder