Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apple mac os x 10.8.4 vulnerabilities and exploits

(subscribe to this query)

2.1
CVSSv2
CVE-2013-3949
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _POSIX_SPAWN_DISABLE_ASLR and _POSIX_SPAWN_ALLOW_DATA_EXEC flags for setuid and setgid programs, which allows local users to bypass intended access restrictions via a wrapper...
Apple Mac Os X 10.8.0Apple Mac Os X 10.8.1Apple Mac Os X 10.8.2Apple Mac Os X 10.8.3Apple Mac Os X 10.8.4
2.1
CVSSv2
CVE-2013-3952
The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in Apple Mac OS X 10.8.x allows local users to defeat the KASLR protection mechanism via the PROC_PIDFDPIPEINFO option to the proc_info system call for a kernel pipe handle....
Apple Mac Os X 10.8.0Apple Mac Os X 10.8.1Apple Mac Os X 10.8.2Apple Mac Os X 10.8.3Apple Mac Os X 10.8.4
6.6
CVSSv2
CVE-2013-5163
Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update allows local users to bypass password-based authentication and modify arbitrary Directory Services records via unspecified vectors....
Apple Mac Os X 10.8.0Apple Mac Os X 10.8.1Apple Mac Os X 10.8.2Apple Mac Os X 10.8.3Apple Mac Os X 10.8.4Apple Mac Os X
6.8
CVSSv2
CVE-2013-5170
Buffer underflow in CoreGraphics in Apple Mac OS X before 10.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document....
Apple Mac Os X 10.8.0Apple Mac Os X 10.8.1Apple Mac Os X 10.8.2Apple Mac Os X 10.8.3Apple Mac Os X 10.8.4Apple Mac Os X 10.8.5Apple Mac Os X
4.9
CVSSv2
CVE-2013-5176
The kernel in Apple Mac OS X before 10.9 does not properly handle integer values during unspecified tty device operations, which allows local users to cause a denial of service (system hang) by triggering a truncation error....
Apple Mac Os X 10.8.0Apple Mac Os X 10.8.1Apple Mac Os X 10.8.2Apple Mac Os X 10.8.3Apple Mac Os X 10.8.4Apple Mac Os X 10.8.5Apple Mac Os X
2.1
CVSSv2
CVE-2013-5191
The syslog implementation in Apple Mac OS X before 10.9 allows local users to obtain sensitive information by leveraging access to the Guest account and reading console-log messages from previous Guest sessions....
Apple Mac Os X 10.8.0Apple Mac Os X 10.8.1Apple Mac Os X 10.8.2Apple Mac Os X 10.8.3Apple Mac Os X 10.8.4Apple Mac Os X 10.8.5Apple Mac Os X
4.3
CVSSv2
CVE-2013-5190
Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service (Smart Card usage outage) by interfering with the revocation-check procedure....
Apple Mac Os X 10.8.0Apple Mac Os X 10.8.1Apple Mac Os X 10.8.2Apple Mac Os X 10.8.3Apple Mac Os X 10.8.4Apple Mac Os X 10.8.5Apple Mac Os X
5.8
CVSSv2
CVE-2013-5189
Apple Mac OS X before 10.9 does not preserve a certain administrative system-preferences setting across software updates, which allows context-dependent attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended security...
Apple Mac Os X 10.8.0Apple Mac Os X 10.8.1Apple Mac Os X 10.8.2Apple Mac Os X 10.8.3Apple Mac Os X 10.8.4Apple Mac Os X 10.8.5Apple Mac Os X
5
CVSSv2
CVE-2013-5167
CFNetwork in Apple Mac OS X before 10.9 does not properly support Safari's deletion of session cookies in response to a reset operation, which makes it easier for remote web servers to track users via Set-Cookie HTTP headers....
Apple Mac Os X 10.8.0Apple Mac Os X 10.8.1Apple Mac Os X 10.8.2Apple Mac Os X 10.8.3Apple Mac Os X 10.8.4Apple Mac Os X 10.8.5Apple Mac Os X
4.9
CVSSv2
CVE-2013-5192
The USB hub controller in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a request with a crafted (1) port or (2) port number....
Apple Mac Os X 10.8.0Apple Mac Os X 10.8.1Apple Mac Os X 10.8.2Apple Mac Os X 10.8.3Apple Mac Os X 10.8.4Apple Mac Os X 10.8.5Apple Mac Os X
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote attackersCVE-2021-31258lightcmsman-in-the-middleCVE-2021-20989CVE-2021-28310CVE-2020-4006CVE-2021-28548spoofCVE-2021-27112lightcms project
Vulnerability Notification Service
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook