CVE-2013-3951Improper Input Validation in Apple Iphone OS

CWE-20Improper Input Validation5 documents3 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 81.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Apple Iphone OSApple MAC OS XApple Watchos+3 more
Timeline
PublishedJun 5
Latest updateMay 17

Description

sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the stack-guard= substring, as demonstrated by an iOS untethering attack or an attack against a setuid Mac OS X program.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages6 packages

NVDapple/watchos1.0.1
NVDapple/mac_os_x10.10.4+5
NVDapple/iphone_os8.2+1
Appleapple/ios_9

🔴Vulnerability Details

1
GHSA
GHSA-77m7-6q2g-65ff: sys/openbsd/stack_protector2022-05-17

📋Vendor Advisories

3
Apple
CVE-2013-3951: watchOS 2
Apple
CVE-2013-3951: iOS 9
Apple
CVE-2013-3951: OS X El Capitan v10.11