CVE-2013-0964

Published Jan 29, 2013

Last updated 3 months ago

CVSS info 3.6

Overview

Description: The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.
Source: product-security@apple.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 3.6
Impact score: 4.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DA9B1E7-234E-41C7-AB6E-2DAD2E9745D8",
            "versionEndIncluding": "5.1.1"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AED51448-EC2F-4359-AF40-2F64B118B0BE"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70597B33-FC5E-442A-8C92-69F77A47C672"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B52A3CDB-824F-48B0-81BE-E29E7B330AAB"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0AF6A04-6AA2-4DDE-9843-5CB9AAA0DF56"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9462F97-9565-4260-8C48-36C025B4A19E"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:2.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8410D1D-864A-46A2-B068-999FDC7856C8"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:2.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "611A678E-0AFC-4567-B2A5-B55BBAAC8A73"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:2.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "194E34F3-8273-4FC0-993F-94D2347EF02A"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:2.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFC2E304-68A1-4585-80D4-B2539045428F"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:2.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "777BB30F-22E3-419E-85B5-C1D9DECEB332"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7F51A11-03C4-4016-A341-33A2B62469AD"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E336759F-BC13-434D-9317-34645F529102"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B89AA38-CBF6-422D-A973-A811DB2E0FD5"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:4.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "032D6D17-671C-4B41-9156-642D8C7B5E46"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CAB9BBA-85B3-4EB5-BE4D-2841427D39EA"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:4.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1694411C-5A09-447B-830C-3FE575E1F3DB"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:4.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39FBA027-1A7F-4EB3-886B-C2050C3E8CBD"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:4.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF338C3E-C443-4100-A6DE-6E4F03053CEB"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:4.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "209A6E35-C8A6-4F85-91EB-4997B34FDC07"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:4.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E3CD57F-BE10-4EDB-BB8F-598DEE1FB254"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:4.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3607D2B-77F0-447D-905E-260E05D9EC70"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:4.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81D1802D-320D-48CA-A92A-1F59FE29ADAD"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:4.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D301B9BC-A70A-4B62-A306-81856EBF5081"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07AAFCEA-1F01-4060-9DB6-1C6D6F036555"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E82E512A-77C8-4297-86F0-FAB64156BCA1"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BCF0244-37BC-43E1-AE52-820F4F7830E0"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:5.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A752BB3-158D-419D-8670-6B05C82BD262"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0FD52712-0484-421B-A5DD-2CF0B4C027BD",
            "versionEndIncluding": "6.0.2"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEE0068D-C699-4646-9658-610409925A79"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87C215DD-BC98-4283-BF13-69556EF7CB78"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References