CVE-2013-0964

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-0964
The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.

3.6 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 3.9 / Impact : 4.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://support.apple.com/kb/HT5642 Vendor Advisory
http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html Vendor Advisory
http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html Vendor Advisory
http://support.apple.com/kb/HT5643 Vendor Advisory
http://osvdb.org/89659
http://www.securityfocus.com/bid/57595
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:tvos:2.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:2.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:1.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:1.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:4.4.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:5.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:2.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:2.2.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:4.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:4.4.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:4.2.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:2.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:2.3.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:2.3.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:2.4.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:3.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:3.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:3.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:4.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:4.2.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:4.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:4.3.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:4.4.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:4.4.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:5.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:5.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:5.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*
Information

Published : 2013-01-28 21:58

Updated : 2019-03-08 08:06

NVD link : CVE-2013-0964

Mitre link : CVE-2013-0964

JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa
Products Affected

apple

  • tvos
  • iphone_os