CVE-2013-5987

Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://nvidia.custhelp.com/app/answers/detail/a_id/3377	Vendor Advisory
http://support.apple.com/kb/HT6150	Third Party Advisory
http://marc.info/?l=bugtraq&m=139965942001604&w=2	Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:nvidia:gpu_driver:304.00:-:::windows:::*
	cpe:2.3:a:nvidia:gpu_driver:310.00:-:::windows:::*
	cpe:2.3:a:nvidia:gpu_driver:325.00:-:::windows:::*
	cpe:2.3:a:nvidia:gpu_driver:304.00:-:::unix:::*
	cpe:2.3:a:nvidia:gpu_driver:319.00:-:::unix:::*
	cpe:2.3:a:nvidia:gpu_driver:331.00:-:::unix:::*
	cpe:2.3:a:nvidia:gpu_driver:319.00:-:::windows:::*
	cpe:2.3:a:nvidia:gpu_driver:331.00:-:::windows:::*

Configuration 2 (hide)

cpe:2.3:o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*

Information

Published : 2014-01-21 10:55

Updated : 2016-08-23 08:15

NVD link : CVE-2013-5987

Mitre link : CVE-2013-5987

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

nvidia

gpu_driver

apple

mac_os_x

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3377", "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/3377", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://support.apple.com/kb/HT6150", "name": "http://support.apple.com/kb/HT6150", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://marc.info/?l=bugtraq&m=139965942001604&w=2", "name": "HPSBHF02946", "tags": ["Third Party Advisory"], "refsource": "HP"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-5987", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "acInsufInfo": true, "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-01-21T18:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:nvidia:gpu_driver:304.00:-:*:*:windows:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:nvidia:gpu_driver:310.00:-:*:*:windows:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:nvidia:gpu_driver:325.00:-:*:*:windows:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:nvidia:gpu_driver:304.00:-:*:*:unix:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:nvidia:gpu_driver:319.00:-:*:*:unix:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:nvidia:gpu_driver:331.00:-:*:*:unix:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:nvidia:gpu_driver:319.00:-:*:*:windows:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:nvidia:gpu_driver:331.00:-:*:*:windows:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-08-23T15:15Z"}