CVE-2013-0967

3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.2%
top 60.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedMar 15
Latest updateMay 17

Description

CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the list of safe file types, which allows remote attackers to bypass a Java plug-in disabled setting, and trigger the launch of Java Web Start applications, via a crafted web site.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

NVDapple/mac_os_x9 versions+8
NVDapple/mac_os_x_server4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-xfgj-jr9c-j9q8: CoreTypes in Apple Mac OS X before 102022-05-17
CVEList
CVE-2013-0967: CoreTypes in Apple Mac OS X before 102013-03-15
CVE-2013-0967 (MEDIUM CVSS 4.3) | CoreTypes in Apple Mac OS X before | cvebase.io