cvelistv5 - cve-2013-0964

CVE-2013-0964 (GCVE-0-2013-0964)

Vulnerability from cvelistv5 – Published: 2013-01-29 02:00 – Updated: 2024-08-06 14:41

Summary

Severity ?

No CVSS data available.

CWE

Assigner

apple

References

URL

Tags

	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://support.apple.com/kb/HT5642	x_refsource_CONFIRM
	http://support.apple.com/kb/HT5643	x_refsource_CONFIRM
	http://osvdb.org/89659	vdb-entryx_refsource_OSVDB
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.securityfocus.com/bid/57595	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:41:48.227Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2013-01-28-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5642"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5643"
          },
          {
            "name": "89659",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/89659"
          },
          {
            "name": "APPLE-SA-2013-01-28-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
          },
          {
            "name": "57595",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/57595"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-01-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-02-02T10:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2013-01-28-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5642"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5643"
        },
        {
          "name": "89659",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/89659"
        },
        {
          "name": "APPLE-SA-2013-01-28-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
        },
        {
          "name": "57595",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/57595"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-0964",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2013-01-28-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5642",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5642"
            },
            {
              "name": "http://support.apple.com/kb/HT5643",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5643"
            },
            {
              "name": "89659",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/89659"
            },
            {
              "name": "APPLE-SA-2013-01-28-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
            },
            {
              "name": "57595",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/57595"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2013-0964",
    "datePublished": "2013-01-29T02:00:00",
    "dateReserved": "2013-01-10T00:00:00",
    "dateUpdated": "2024-08-06T14:41:48.227Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.1.1\", \"matchCriteriaId\": \"6DA9B1E7-234E-41C7-AB6E-2DAD2E9745D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:1.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AED51448-EC2F-4359-AF40-2F64B118B0BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:1.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70597B33-FC5E-442A-8C92-69F77A47C672\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:2.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B52A3CDB-824F-48B0-81BE-E29E7B330AAB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0AF6A04-6AA2-4DDE-9843-5CB9AAA0DF56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9462F97-9565-4260-8C48-36C025B4A19E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:2.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8410D1D-864A-46A2-B068-999FDC7856C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:2.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"611A678E-0AFC-4567-B2A5-B55BBAAC8A73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:2.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"194E34F3-8273-4FC0-993F-94D2347EF02A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:2.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFC2E304-68A1-4585-80D4-B2539045428F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:2.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"777BB30F-22E3-419E-85B5-C1D9DECEB332\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7F51A11-03C4-4016-A341-33A2B62469AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:3.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E336759F-BC13-434D-9317-34645F529102\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:3.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B89AA38-CBF6-422D-A973-A811DB2E0FD5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:4.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"032D6D17-671C-4B41-9156-642D8C7B5E46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:4.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CAB9BBA-85B3-4EB5-BE4D-2841427D39EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:4.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1694411C-5A09-447B-830C-3FE575E1F3DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39FBA027-1A7F-4EB3-886B-C2050C3E8CBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF338C3E-C443-4100-A6DE-6E4F03053CEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:4.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"209A6E35-C8A6-4F85-91EB-4997B34FDC07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:4.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E3CD57F-BE10-4EDB-BB8F-598DEE1FB254\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:4.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3607D2B-77F0-447D-905E-260E05D9EC70\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:4.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81D1802D-320D-48CA-A92A-1F59FE29ADAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:4.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D301B9BC-A70A-4B62-A306-81856EBF5081\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:5.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07AAFCEA-1F01-4060-9DB6-1C6D6F036555\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E82E512A-77C8-4297-86F0-FAB64156BCA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:5.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BCF0244-37BC-43E1-AE52-820F4F7830E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:5.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A752BB3-158D-419D-8670-6B05C82BD262\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.0.2\", \"matchCriteriaId\": \"0FD52712-0484-421B-A5DD-2CF0B4C027BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEE0068D-C699-4646-9658-610409925A79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87C215DD-BC98-4283-BF13-69556EF7CB78\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.\"}, {\"lang\": \"es\", \"value\": \"El kernel en Apple iOS anterior a v6.1 y Apple TV anterior a v5.2 no valida adecuadamente los argumentos de copia, lo que permite a usuarior locales evitar las restricciones de punteros y de acceso a memoria en la primera p\\u00e1gina del kernel-memory especificando que el tama\\u00f1o sea menor al de una p\\u00e1gina.\"}]",
      "id": "CVE-2013-0964",
      "lastModified": "2024-11-21T01:48:32.740",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:N\", \"baseScore\": 3.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-01-29T05:58:54.930",
      "references": "[{\"url\": \"http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://osvdb.org/89659\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://support.apple.com/kb/HT5642\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT5643\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/57595\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://osvdb.org/89659\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.apple.com/kb/HT5642\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT5643\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/57595\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "product-security@apple.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-0964\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2013-01-29T05:58:54.930\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.\"},{\"lang\":\"es\",\"value\":\"El kernel en Apple iOS anterior a v6.1 y Apple TV anterior a v5.2 no valida adecuadamente los argumentos de copia, lo que permite a usuarior locales evitar las restricciones de punteros y de acceso a memoria en la primera p\u00e1gina del kernel-memory especificando que el tama\u00f1o sea menor al de una p\u00e1gina.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:N\",\"baseScore\":3.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.1.1\",\"matchCriteriaId\":\"6DA9B1E7-234E-41C7-AB6E-2DAD2E9745D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AED51448-EC2F-4359-AF40-2F64B118B0BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70597B33-FC5E-442A-8C92-69F77A47C672\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B52A3CDB-824F-48B0-81BE-E29E7B330AAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0AF6A04-6AA2-4DDE-9843-5CB9AAA0DF56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9462F97-9565-4260-8C48-36C025B4A19E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8410D1D-864A-46A2-B068-999FDC7856C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"611A678E-0AFC-4567-B2A5-B55BBAAC8A73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"194E34F3-8273-4FC0-993F-94D2347EF02A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFC2E304-68A1-4585-80D4-B2539045428F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"777BB30F-22E3-419E-85B5-C1D9DECEB332\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7F51A11-03C4-4016-A341-33A2B62469AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E336759F-BC13-434D-9317-34645F529102\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B89AA38-CBF6-422D-A973-A811DB2E0FD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"032D6D17-671C-4B41-9156-642D8C7B5E46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CAB9BBA-85B3-4EB5-BE4D-2841427D39EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1694411C-5A09-447B-830C-3FE575E1F3DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39FBA027-1A7F-4EB3-886B-C2050C3E8CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF338C3E-C443-4100-A6DE-6E4F03053CEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"209A6E35-C8A6-4F85-91EB-4997B34FDC07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:4.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E3CD57F-BE10-4EDB-BB8F-598DEE1FB254\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:4.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3607D2B-77F0-447D-905E-260E05D9EC70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:4.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81D1802D-320D-48CA-A92A-1F59FE29ADAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:4.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D301B9BC-A70A-4B62-A306-81856EBF5081\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07AAFCEA-1F01-4060-9DB6-1C6D6F036555\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E82E512A-77C8-4297-86F0-FAB64156BCA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BCF0244-37BC-43E1-AE52-820F4F7830E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:5.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A752BB3-158D-419D-8670-6B05C82BD262\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.0.2\",\"matchCriteriaId\":\"0FD52712-0484-421B-A5DD-2CF0B4C027BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEE0068D-C699-4646-9658-610409925A79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87C215DD-BC98-4283-BF13-69556EF7CB78\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://osvdb.org/89659\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT5642\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5643\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/57595\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://osvdb.org/89659\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT5642\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5643\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/57595\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2013-0964

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-0964

Aliases

CVE-2013-0964

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-0964",
    "description": "The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.",
    "id": "GSD-2013-0964"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-0964"
      ],
      "details": "The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.",
      "id": "GSD-2013-0964",
      "modified": "2023-12-13T01:22:14.478834Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2013-0964",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "APPLE-SA-2013-01-28-2",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html"
          },
          {
            "name": "http://support.apple.com/kb/HT5642",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5642"
          },
          {
            "name": "http://support.apple.com/kb/HT5643",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5643"
          },
          {
            "name": "89659",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/89659"
          },
          {
            "name": "APPLE-SA-2013-01-28-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
          },
          {
            "name": "57595",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/57595"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:1.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:5.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.1.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:5.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.0.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-0964"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT5642",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT5642"
            },
            {
              "name": "APPLE-SA-2013-01-28-2",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html"
            },
            {
              "name": "APPLE-SA-2013-01-28-1",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5643",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT5643"
            },
            {
              "name": "89659",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/89659"
            },
            {
              "name": "57595",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/57595"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-03-08T16:06Z",
      "publishedDate": "2013-01-29T05:58Z"
    }
  }
}

CERTA-2013-AVI-076

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Apple TV. Certaines d'entre elles permettent à un attaquant une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Versions antérieures à Apple TV 5.2

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité HT5643 du 28 janvier 2013	None	vendor-advisory
Bulletin de sécurité Apple HT5643 du 28 janvier 2013 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eVersions ant\u00e9rieures \u00e0 Apple TV 5.2\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-0964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0964"
    },
    {
      "name": "CVE-2012-2619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2619"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT5643 du 28 janvier 2013 :",
      "url": "http://support.apple.com/kb/HT5643"
    }
  ],
  "reference": "CERTA-2013-AVI-076",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-01-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple TV\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple TV",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HT5643 du 28 janvier 2013",
      "url": null
    }
  ]
}

CERTA-2013-AVI-075

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Apple iOS. Certaines d'entre elles permettent à un attaquant d'exécuter du code arbitraire à distance au moyen de pages Web spécialement conçues.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple iOS versions antérieures à 6.1

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT5642 du 28 janvier 2013

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eApple iOS versions ant\u00e9rieures \u00e0 6.1\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-3607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3607"
    },
    {
      "name": "CVE-2013-0956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0956"
    },
    {
      "name": "CVE-2013-0949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0949"
    },
    {
      "name": "CVE-2012-3701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3701"
    },
    {
      "name": "CVE-2013-0963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0963"
    },
    {
      "name": "CVE-2013-0974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0974"
    },
    {
      "name": "CVE-2013-0952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0952"
    },
    {
      "name": "CVE-2013-0953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0953"
    },
    {
      "name": "CVE-2013-0954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0954"
    },
    {
      "name": "CVE-2012-2824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2824"
    },
    {
      "name": "CVE-2013-0950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0950"
    },
    {
      "name": "CVE-2012-3606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3606"
    },
    {
      "name": "CVE-2013-0959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0959"
    },
    {
      "name": "CVE-2012-2889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2889"
    },
    {
      "name": "CVE-2013-0962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0962"
    },
    {
      "name": "CVE-2011-3058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3058"
    },
    {
      "name": "CVE-2013-0964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0964"
    },
    {
      "name": "CVE-2013-0955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0955"
    },
    {
      "name": "CVE-2012-2619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2619"
    },
    {
      "name": "CVE-2013-0968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0968"
    },
    {
      "name": "CVE-2013-0958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0958"
    },
    {
      "name": "CVE-2012-3632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3632"
    },
    {
      "name": "CVE-2013-0948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0948"
    },
    {
      "name": "CVE-2012-2857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2857"
    },
    {
      "name": "CVE-2012-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3621"
    },
    {
      "name": "CVE-2012-3687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3687"
    },
    {
      "name": "CVE-2013-0951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0951"
    }
  ],
  "links": [],
  "reference": "CERTA-2013-AVI-075",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-01-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple iOS\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance au moyen de pages Web\nsp\u00e9cialement con\u00e7ues.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT5642 du 28 janvier 2013",
      "url": "http://support.apple.com/kb/HT5642"
    }
  ]
}

CERTA-2013-AVI-075

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple iOS versions antérieures à 6.1

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT5642 du 28 janvier 2013

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eApple iOS versions ant\u00e9rieures \u00e0 6.1\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-3607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3607"
    },
    {
      "name": "CVE-2013-0956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0956"
    },
    {
      "name": "CVE-2013-0949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0949"
    },
    {
      "name": "CVE-2012-3701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3701"
    },
    {
      "name": "CVE-2013-0963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0963"
    },
    {
      "name": "CVE-2013-0974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0974"
    },
    {
      "name": "CVE-2013-0952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0952"
    },
    {
      "name": "CVE-2013-0953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0953"
    },
    {
      "name": "CVE-2013-0954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0954"
    },
    {
      "name": "CVE-2012-2824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2824"
    },
    {
      "name": "CVE-2013-0950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0950"
    },
    {
      "name": "CVE-2012-3606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3606"
    },
    {
      "name": "CVE-2013-0959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0959"
    },
    {
      "name": "CVE-2012-2889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2889"
    },
    {
      "name": "CVE-2013-0962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0962"
    },
    {
      "name": "CVE-2011-3058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3058"
    },
    {
      "name": "CVE-2013-0964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0964"
    },
    {
      "name": "CVE-2013-0955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0955"
    },
    {
      "name": "CVE-2012-2619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2619"
    },
    {
      "name": "CVE-2013-0968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0968"
    },
    {
      "name": "CVE-2013-0958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0958"
    },
    {
      "name": "CVE-2012-3632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3632"
    },
    {
      "name": "CVE-2013-0948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0948"
    },
    {
      "name": "CVE-2012-2857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2857"
    },
    {
      "name": "CVE-2012-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3621"
    },
    {
      "name": "CVE-2012-3687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3687"
    },
    {
      "name": "CVE-2013-0951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0951"
    }
  ],
  "links": [],
  "reference": "CERTA-2013-AVI-075",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-01-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple iOS\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance au moyen de pages Web\nsp\u00e9cialement con\u00e7ues.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT5642 du 28 janvier 2013",
      "url": "http://support.apple.com/kb/HT5642"
    }
  ]
}

CERTA-2013-AVI-076

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Apple TV. Certaines d'entre elles permettent à un attaquant une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Versions antérieures à Apple TV 5.2

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité HT5643 du 28 janvier 2013	None	vendor-advisory
Bulletin de sécurité Apple HT5643 du 28 janvier 2013 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eVersions ant\u00e9rieures \u00e0 Apple TV 5.2\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-0964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0964"
    },
    {
      "name": "CVE-2012-2619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2619"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT5643 du 28 janvier 2013 :",
      "url": "http://support.apple.com/kb/HT5643"
    }
  ],
  "reference": "CERTA-2013-AVI-076",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-01-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple TV\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple TV",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HT5643 du 28 janvier 2013",
      "url": null
    }
  ]
}

GHSA-599W-Q86M-78MC

Vulnerability from github – Published: 2022-05-14 01:27 – Updated: 2022-05-14 01:27

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-0964"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-01-29T05:58:00Z",
    "severity": "LOW"
  },
  "details": "The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.",
  "id": "GHSA-599w-q86m-78mc",
  "modified": "2022-05-14T01:27:04Z",
  "published": "2022-05-14T01:27:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0964"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/89659"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5642"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5643"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/57595"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2013-0964

Vulnerability from fkie_nvd - Published: 2013-01-29 05:58 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html	Vendor Advisory
product-security@apple.com	http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html	Vendor Advisory
product-security@apple.com	http://osvdb.org/89659
product-security@apple.com	http://support.apple.com/kb/HT5642	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT5643	Vendor Advisory
product-security@apple.com	http://www.securityfocus.com/bid/57595
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/89659
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5642	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5643	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/57595

Impacted products

Vendor	Product	Version
apple	tvos	*
apple	tvos	1.0.0
apple	tvos	1.1.0
apple	tvos	2.0.0
apple	tvos	2.0.1
apple	tvos	2.0.2
apple	tvos	2.1.0
apple	tvos	2.2.0
apple	tvos	2.3.0
apple	tvos	2.3.1
apple	tvos	2.4.0
apple	tvos	3.0.0
apple	tvos	3.0.1
apple	tvos	3.0.2
apple	tvos	4.1.0
apple	tvos	4.1.1
apple	tvos	4.2.0
apple	tvos	4.2.1
apple	tvos	4.2.2
apple	tvos	4.3.0
apple	tvos	4.4.0
apple	tvos	4.4.2
apple	tvos	4.4.3
apple	tvos	4.4.4
apple	tvos	5.0.0
apple	tvos	5.0.1
apple	tvos	5.0.2
apple	tvos	5.1.0
apple	iphone_os	*
apple	iphone_os	6.0
apple	iphone_os	6.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DA9B1E7-234E-41C7-AB6E-2DAD2E9745D8",
              "versionEndIncluding": "5.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED51448-EC2F-4359-AF40-2F64B118B0BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70597B33-FC5E-442A-8C92-69F77A47C672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B52A3CDB-824F-48B0-81BE-E29E7B330AAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0AF6A04-6AA2-4DDE-9843-5CB9AAA0DF56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9462F97-9565-4260-8C48-36C025B4A19E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8410D1D-864A-46A2-B068-999FDC7856C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "611A678E-0AFC-4567-B2A5-B55BBAAC8A73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "194E34F3-8273-4FC0-993F-94D2347EF02A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFC2E304-68A1-4585-80D4-B2539045428F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "777BB30F-22E3-419E-85B5-C1D9DECEB332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7F51A11-03C4-4016-A341-33A2B62469AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E336759F-BC13-434D-9317-34645F529102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B89AA38-CBF6-422D-A973-A811DB2E0FD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "032D6D17-671C-4B41-9156-642D8C7B5E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CAB9BBA-85B3-4EB5-BE4D-2841427D39EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1694411C-5A09-447B-830C-3FE575E1F3DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FBA027-1A7F-4EB3-886B-C2050C3E8CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF338C3E-C443-4100-A6DE-6E4F03053CEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "209A6E35-C8A6-4F85-91EB-4997B34FDC07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3CD57F-BE10-4EDB-BB8F-598DEE1FB254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:4.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3607D2B-77F0-447D-905E-260E05D9EC70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:4.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "81D1802D-320D-48CA-A92A-1F59FE29ADAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:4.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D301B9BC-A70A-4B62-A306-81856EBF5081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07AAFCEA-1F01-4060-9DB6-1C6D6F036555",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E82E512A-77C8-4297-86F0-FAB64156BCA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BCF0244-37BC-43E1-AE52-820F4F7830E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A752BB3-158D-419D-8670-6B05C82BD262",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FD52712-0484-421B-A5DD-2CF0B4C027BD",
              "versionEndIncluding": "6.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEE0068D-C699-4646-9658-610409925A79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87C215DD-BC98-4283-BF13-69556EF7CB78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page."
    },
    {
      "lang": "es",
      "value": "El kernel en Apple iOS anterior a v6.1 y Apple TV anterior a v5.2 no valida adecuadamente los argumentos de copia, lo que permite a usuarior locales evitar las restricciones de punteros y de acceso a memoria en la primera p\u00e1gina del kernel-memory especificando que el tama\u00f1o sea menor al de una p\u00e1gina."
    }
  ],
  "id": "CVE-2013-0964",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-01-29T05:58:54.930",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://osvdb.org/89659"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5642"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5643"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securityfocus.com/bid/57595"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/89659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5643"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/57595"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201301-0340

Vulnerability from variot - Updated: 2023-12-18 11:13

The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page. Apple iOS for the iPhone, the iPod touch, and the iPad is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to potentially sensitive information. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. A vulnerability exists in the kernel of Apple iOS versions prior to 6.1 and Apple TV versions prior to 5.2. The vulnerability stems from the fact that the program does not validate the copyin and copyout parameters. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

APPLE-SA-2013-01-28-1 iOS 6.1 Software Update

iOS 6.1 Software Update is now available and addresses the following:

Identity Services Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Authentication relying on certificate-based Apple ID authentication may be bypassed Description: An error handling issue existed in Identity Services. If the user's AppleID certificate failed to validate, the user's AppleID was assumed to be the empty string. If multiple systems belonging to different users enter this state, applications relying on this identity determination may erroneously extend trust. This issue was addressed by ensuring that NULL is returned instead of an empty string. CVE-ID CVE-2013-0963

International Components for Unicode Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A canonicalization issue existed in the handling of the EUC-JP encoding, which could lead to a cross-site scripting attack on EUC-JP encoded websites. This issue was addressed by updating the EUC-JP mapping table. The checks were not being used if the length was smaller than one page. This issue was addressed through additional validation of the arguments to copyin and copyout. CVE-ID CVE-2013-0964 : Mark Dowd of Azimuth Security

Security Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Several intermediate CA certificates were mistakenly issued by TURKTRUST. This issue was addressed by not allowing the incorrect SSL certificates.

StoreKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: JavaScript may be enabled in Mobile Safari without user interaction Description: If a user disabled JavaScript in Safari Preferences, visiting a site which displayed a Smart App Banner would re-enable JavaScript without warning the user. This issue was addressed by not enabling JavaScript when visiting a site with a Smart App Banner. CVE-ID CVE-2013-0974 : Andrew Plotkin of Zarfhome Software Consulting, Ben Madison of BitCloud, Marek Durcek

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2012-2824 : miaubiz CVE-2012-2857 : Arthur Gerkis CVE-2012-3606 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3607 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3621 : Skylined of the Google Chrome Security Team CVE-2012-3632 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3687 : kuzzcc CVE-2012-3701 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0951 : Apple CVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the Google Chrome Security Team CVE-2013-0955 : Apple CVE-2013-0956 : Apple Product Security CVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0968 : Aaron Nelson

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Copying and pasting content on a malicious website may lead to a cross-site scripting attack Description: A cross-site scripting issue existed in the handling of content pasted from a different origin. This issue was addressed through additional validation of pasted content. CVE-ID CVE-2013-0962 : Mario Heiderich of Cure53

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-site scripting issue existed in the handling of frame elements. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-2889 : Sergey Glazunov

WiFi Available for: iPhone 3GS, iPhone 4, iPod touch (4th generation), iPad 2 Impact: A remote attacker on the same WiFi network may be able to temporarily disable WiFi Description: An out of bounds read issue exists in Broadcom's BCM4325 and BCM4329 firmware's handling of 802.11i information elements. This issue was addressed through additional validation of 802.11i information elements. CVE-ID CVE-2012-2619 : Andres Blanco and Matias Eissler of Core Security

Installation note:

This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. The version after applying this update will be "6.1".

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJRBffvAAoJEPefwLHPlZEwzYgP/0qhsTft9TUGuphoY9tth5WB D0+8pAKs+1HU+nMOaEKPbK+zdMxblhRNPQyhMuTAQaY5Z/iGn1EXVCTlQBO8esRW epxNZuhFoaW4wzK9kvw5d/HZ9tfq059ozlFOp1TI2D6J5RwNgxDfigt2PUKCTV4X u/BONQHIfINYMofgf5897LHYYFSU2+NJj5ouM5dY4Y/kfJkwAnG5AWCAGlEt3QOo MZdaVv3/itPj4te838FYCVAepel3xBWX0Hhuu87+waHslRrIfQl+EvNk3YZXxWiF O5Hw9Ng/H8n0sbeA39w0U8tw+q/wPhVexdULgRjBH65+6g7Cu5u+rMuYuRjl8fO/ glLhKZNSrQDa5ZNOraOrF62AFVByHaSxv4cZwo262/6uH93FIBtklMt947GMVQLC 1FT0CIGNJb1/0156bvsABfRScBtK9ZdIUjXhOHMinhQJX3qiBqyKc4/juYPmC9VC KXk2/K8b0sGWQRc5RuQsSpzkZF9WcrwmgGOBIghp2DLmbAAj0uh2Ttf1GdrOaajR XpZ2TTJ5qE+IHNU0/etroTYnzjKVjQ0pODrPZj7ALLXULTraXJRJy7fqraUzsHbi AZiRca+3x/S9nqV0NpTNPZgTwxenox10t0w5vhcBK+SPGga1oVRbtOjGtVIkgoG4 KI3sdgb6PtpZWuIJ6iZA =J2jv -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201301-0340",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.4.4"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.1.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.2.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.0.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.0.2"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.4.3"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.1.1"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.0.1"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.4.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.4.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "3.0.2"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.4.2"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "1.0.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "5.0.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.2.2"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.3.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.3.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "3.0.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.2.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "5.1.0"
      },
      {
        "model": "iphone os",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.3.1"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "1.1.0"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "3.0.1"
      },
      {
        "model": "tvos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.1.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "tv",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "5.2   ( first  2 after generation )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.1   (ipad 2 or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.1   (iphone 3gs or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.1   (ipod touch first  4 after generation )"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.0.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.2.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.4.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.0.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.0.2"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.3.1"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.3"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.2"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.1"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.3"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.3"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.8"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.9"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.7"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.10"
      },
      {
        "model": "ios beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.4"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "tv",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.2"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "57595"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001315"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0964"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-559"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:1.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:5.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.1.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:5.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:4.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:2.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.0.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0964"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Mario Heiderich of Cure53,  Andrew Plotkin of Zarfhome Software Consulting, Marek Durcek, Apple Product Security,Mark Dowd of Azimuth Security, Ben Madison of BitCloud, Abhishek Arya (Inferno) of the Google Chrome Security Team,  Aaron Nelson",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-559"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2013-0964",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 3.6,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2013-0964",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-60966",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-0964",
            "trust": 1.8,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201301-559",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60966",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60966"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001315"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0964"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-559"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page. Apple iOS for the iPhone, the iPod touch, and the iPad is prone to an information disclosure vulnerability. \nAn attacker can exploit this issue to gain access to potentially sensitive information. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. A vulnerability exists in the kernel of Apple iOS versions prior to 6.1 and Apple TV versions prior to 5.2. The vulnerability stems from the fact that the program does not validate the copyin and copyout parameters. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-01-28-1 iOS 6.1 Software Update\n\niOS 6.1 Software Update is now available and addresses the following:\n\nIdentity Services\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Authentication relying on certificate-based Apple ID\nauthentication may be bypassed\nDescription:  An error handling issue existed in Identity Services. \nIf the user\u0027s AppleID certificate failed to validate, the user\u0027s\nAppleID was assumed to be the empty string. If multiple systems\nbelonging to different users enter this state, applications relying\non this identity determination may erroneously extend trust. This\nissue was addressed by ensuring that NULL is returned instead of an\nempty string. \nCVE-ID\nCVE-2013-0963\n\nInternational Components for Unicode\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A canonicalization issue existed in the handling of the\nEUC-JP encoding, which could lead to a cross-site scripting attack on\nEUC-JP encoded websites. This issue was addressed by updating the\nEUC-JP mapping table. The checks were not being used if the length was\nsmaller than one page. This issue was addressed through additional\nvalidation of the arguments to copyin and copyout. \nCVE-ID\nCVE-2013-0964 : Mark Dowd of Azimuth Security\n\nSecurity\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  An attacker with a privileged network position may intercept\nuser credentials or other sensitive information\nDescription:  Several intermediate CA certificates were mistakenly\nissued by TURKTRUST. This issue was addressed by not allowing the\nincorrect SSL certificates. \n\nStoreKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  JavaScript may be enabled in Mobile Safari without user\ninteraction\nDescription:  If a user disabled JavaScript in Safari Preferences,\nvisiting a site which displayed a Smart App Banner would re-enable\nJavaScript without warning the user. This issue was addressed by not\nenabling JavaScript when visiting a site with a Smart App Banner. \nCVE-ID\nCVE-2013-0974 : Andrew Plotkin of Zarfhome Software Consulting, Ben\nMadison of BitCloud, Marek Durcek\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2012-2824 : miaubiz\nCVE-2012-2857 : Arthur Gerkis\nCVE-2012-3606 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3607 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3621 : Skylined of the Google Chrome Security Team\nCVE-2012-3632 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3687 : kuzzcc\nCVE-2012-3701 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0951 : Apple\nCVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the\nGoogle Chrome Security Team\nCVE-2013-0955 : Apple\nCVE-2013-0956 : Apple Product Security\nCVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0968 : Aaron Nelson\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Copying and pasting content on a malicious website may lead\nto a cross-site scripting attack\nDescription:  A cross-site scripting issue existed in the handling of\ncontent pasted from a different origin. This issue was addressed\nthrough additional validation of pasted content. \nCVE-ID\nCVE-2013-0962 : Mario Heiderich of Cure53\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-site scripting issue existed in the handling of\nframe elements. This issue was addressed through improved origin\ntracking. \nCVE-ID\nCVE-2012-2889 : Sergey Glazunov\n\nWiFi\nAvailable for:  iPhone 3GS, iPhone 4, iPod touch (4th generation),\niPad 2\nImpact:  A remote attacker on the same WiFi network may be able to\ntemporarily disable WiFi\nDescription:  An out of bounds read issue exists in Broadcom\u0027s\nBCM4325 and BCM4329 firmware\u0027s handling of 802.11i information\nelements. This issue was addressed through additional validation of\n802.11i information elements. \nCVE-ID\nCVE-2012-2619 : Andres Blanco and Matias Eissler of Core Security\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. The version after applying this update\nwill be \"6.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJRBffvAAoJEPefwLHPlZEwzYgP/0qhsTft9TUGuphoY9tth5WB\nD0+8pAKs+1HU+nMOaEKPbK+zdMxblhRNPQyhMuTAQaY5Z/iGn1EXVCTlQBO8esRW\nepxNZuhFoaW4wzK9kvw5d/HZ9tfq059ozlFOp1TI2D6J5RwNgxDfigt2PUKCTV4X\nu/BONQHIfINYMofgf5897LHYYFSU2+NJj5ouM5dY4Y/kfJkwAnG5AWCAGlEt3QOo\nMZdaVv3/itPj4te838FYCVAepel3xBWX0Hhuu87+waHslRrIfQl+EvNk3YZXxWiF\nO5Hw9Ng/H8n0sbeA39w0U8tw+q/wPhVexdULgRjBH65+6g7Cu5u+rMuYuRjl8fO/\nglLhKZNSrQDa5ZNOraOrF62AFVByHaSxv4cZwo262/6uH93FIBtklMt947GMVQLC\n1FT0CIGNJb1/0156bvsABfRScBtK9ZdIUjXhOHMinhQJX3qiBqyKc4/juYPmC9VC\nKXk2/K8b0sGWQRc5RuQsSpzkZF9WcrwmgGOBIghp2DLmbAAj0uh2Ttf1GdrOaajR\nXpZ2TTJ5qE+IHNU0/etroTYnzjKVjQ0pODrPZj7ALLXULTraXJRJy7fqraUzsHbi\nAZiRca+3x/S9nqV0NpTNPZgTwxenox10t0w5vhcBK+SPGga1oVRbtOjGtVIkgoG4\nKI3sdgb6PtpZWuIJ6iZA\n=J2jv\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0964"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001315"
      },
      {
        "db": "BID",
        "id": "57595"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60966"
      },
      {
        "db": "PACKETSTORM",
        "id": "119897"
      },
      {
        "db": "PACKETSTORM",
        "id": "119898"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0964",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "57595",
        "trust": 2.0
      },
      {
        "db": "OSVDB",
        "id": "89659",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001315",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-559",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-60966",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "119897",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "119898",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60966"
      },
      {
        "db": "BID",
        "id": "57595"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001315"
      },
      {
        "db": "PACKETSTORM",
        "id": "119897"
      },
      {
        "db": "PACKETSTORM",
        "id": "119898"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0964"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-559"
      }
    ]
  },
  "id": "VAR-201301-0340",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60966"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:13:56.311000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APPLE-SA-2013-01-28-2",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2013/jan/msg00001.html"
      },
      {
        "title": "APPLE-SA-2013-01-28-1",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2013/jan/msg00000.html"
      },
      {
        "title": "HT5642",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht5642"
      },
      {
        "title": "HT5643",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht5643"
      },
      {
        "title": "HT5642",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht5642?viewlocale=ja_jp"
      },
      {
        "title": "HT5643",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht5643?viewlocale=ja_jp"
      },
      {
        "title": "Apple iOS/Apple TV Fixes for kernel security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=90755"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001315"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-559"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60966"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001315"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0964"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://support.apple.com/kb/ht5642"
      },
      {
        "trust": 2.0,
        "url": "http://support.apple.com/kb/ht5643"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2013/jan/msg00000.html"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2013/jan/msg00001.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/57595"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/89659"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0964"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0964"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/iphone/softwareupdate/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/ipad/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/iphone/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/ipodtouch/"
      },
      {
        "trust": 0.2,
        "url": "http://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.2,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2619"
      },
      {
        "trust": 0.2,
        "url": "http://gpgtools.org"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0964"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/itunes/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0956"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3687"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3632"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0954"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0955"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0948"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2889"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3621"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0959"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0952"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0958"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3701"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0949"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0962"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0968"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3058"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2857"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0950"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0951"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0974"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2824"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0953"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3606"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3607"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0963"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60966"
      },
      {
        "db": "BID",
        "id": "57595"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001315"
      },
      {
        "db": "PACKETSTORM",
        "id": "119897"
      },
      {
        "db": "PACKETSTORM",
        "id": "119898"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0964"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-559"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-60966"
      },
      {
        "db": "BID",
        "id": "57595"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001315"
      },
      {
        "db": "PACKETSTORM",
        "id": "119897"
      },
      {
        "db": "PACKETSTORM",
        "id": "119898"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0964"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-559"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-01-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60966"
      },
      {
        "date": "2013-01-28T00:00:00",
        "db": "BID",
        "id": "57595"
      },
      {
        "date": "2013-01-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001315"
      },
      {
        "date": "2013-01-30T02:53:29",
        "db": "PACKETSTORM",
        "id": "119897"
      },
      {
        "date": "2013-01-30T02:58:08",
        "db": "PACKETSTORM",
        "id": "119898"
      },
      {
        "date": "2013-01-29T05:58:54.930000",
        "db": "NVD",
        "id": "CVE-2013-0964"
      },
      {
        "date": "2013-01-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201301-559"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60966"
      },
      {
        "date": "2013-01-28T00:00:00",
        "db": "BID",
        "id": "57595"
      },
      {
        "date": "2013-01-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001315"
      },
      {
        "date": "2019-03-08T16:06:28.637000",
        "db": "NVD",
        "id": "CVE-2013-0964"
      },
      {
        "date": "2019-03-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201301-559"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-559"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple iOS and  Apple TV Vulnerability in the kernel that circumvents pointer restrictions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001315"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201301-559"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-0964 (GCVE-0-2013-0964)

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature