CVE-2013-3950Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Iphone OS

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer2 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
0.8%
top 25.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Iphone OS
Timeline
PublishedJun 5
Latest updateMay 17

Description

Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long string in the DYLD_SHARED_CACHE_DIR environment variable.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapple/iphone_os8 versions+7

🔴Vulnerability Details

1
GHSA
GHSA-jhhj-m43q-gw88: Stack-based buffer overflow in the openSharedCacheFile function in dyld2022-05-17
CVE-2013-3950 — Apple Iphone OS vulnerability | cvebase