CVE-2013-0977Apple Iphone OS vulnerability

3 documents3 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 81.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple Iphone OSApple Tvos
Timeline
PublishedMar 20
Latest updateMay 13

Description

dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly manage the state of file loading for Mach-O executable files, which allows local users to bypass intended code-signing requirements via a file that contains overlapping segments.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

NVDapple/tvos5.2.0+28
NVDapple/iphone_os6.1.2+45

🔴Vulnerability Details

1
GHSA
GHSA-683r-hcm7-6v7j: dyld in Apple iOS before 62022-05-13

💬Community

1
Bugzilla
CVE-2013-7087 CVE-2013-7088 CVE-2013-7089 clamav: Multiple potential security issues fixed in 0.97.7 version2013-03-18