CVE-2013-3950

Published Jun 5, 2013

Last updated 11 years ago

CVSS info 5.0

Overview

Description: Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long string in the DYLD_SHARED_CACHE_DIR environment variable.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E78F1F2C-2BFF-4D55-A754-102D6C42081B"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0A4AF71-8E71-432A-B908-361DAF99F4B9"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEE0068D-C699-4646-9658-610409925A79"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87C215DD-BC98-4283-BF13-69556EF7CB78"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1C3966E-C136-47A9-B5B4-70613756ED27"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22AD2A1F-A637-47DE-A69F-DAE4ABDFA4BD"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6D398B8-821B-4DE9-ADF1-4983051F964C"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0CCE5F2-4D32-404B-BAAC-E64F11BD41FB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References