Lucene search
AppleCVE-2013-0977HistoryOct 03, 2022 - 4:15 p.m.
CVE-2013-0977
2022-10-0316:15:03
apple
web.nvd.nist.gov
36
cve-2013-0977
dyld
file loading
vulnerability
apple
ios
apple tv
code-signing
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
5.5
Confidence
Low
EPSS
0
Percentile
5.1%
dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly manage the state of file loading for Mach-O executable files, which allows local users to bypass intended code-signing requirements via a file that contains overlapping segments.
Affected configurations
Node
appleiphone_osRange≤6.1.2
ORappleiphone_osMatch1.0.0
ORappleiphone_osMatch1.0.1
ORappleiphone_osMatch1.0.2
ORappleiphone_osMatch1.1.0
ORappleiphone_osMatch1.1.0-ipodtouch
ORappleiphone_osMatch1.1.1
ORappleiphone_osMatch1.1.2
ORappleiphone_osMatch1.1.2-ipodtouch
ORappleiphone_osMatch1.1.3
ORappleiphone_osMatch1.1.3-ipodtouch
ORappleiphone_osMatch1.1.4
ORappleiphone_osMatch1.1.4-ipodtouch
ORappleiphone_osMatch1.1.5
ORappleiphone_osMatch1.1.5-ipodtouch
ORappleiphone_osMatch2.0
ORappleiphone_osMatch2.0.0
ORappleiphone_osMatch2.0.0-ipodtouch
ORappleiphone_osMatch2.0.1
ORappleiphone_osMatch2.0.1-ipodtouch
ORappleiphone_osMatch2.0.2
ORappleiphone_osMatch2.0.2-ipodtouch
ORappleiphone_osMatch2.1
ORappleiphone_osMatch2.1-ipodtouch
ORappleiphone_osMatch2.1.1
ORappleiphone_osMatch2.2
ORappleiphone_osMatch2.2-ipodtouch
ORappleiphone_osMatch2.2.1
ORappleiphone_osMatch2.2.1-ipodtouch
ORappleiphone_osMatch3.0
ORappleiphone_osMatch3.0-ipodtouch
ORappleiphone_osMatch3.0.1
ORappleiphone_osMatch3.0.1-ipodtouch
ORappleiphone_osMatch3.1
ORappleiphone_osMatch3.1-ipodtouch
ORappleiphone_osMatch3.1.2
ORappleiphone_osMatch3.1.2-ipodtouch
ORappleiphone_osMatch3.1.3
ORappleiphone_osMatch3.1.3-ipodtouch
ORappleiphone_osMatch3.2
ORappleiphone_osMatch3.2-ipodtouch
ORappleiphone_osMatch3.2.1
ORappleiphone_osMatch3.2.1-ipad
ORappleiphone_osMatch3.2.2
ORappleiphone_osMatch4.0
ORappleiphone_osMatch4.0-ipodtouch
ORappleiphone_osMatch4.0.1
ORappleiphone_osMatch4.0.1-ipodtouch
ORappleiphone_osMatch4.0.2
ORappleiphone_osMatch4.1
ORappleiphone_osMatch4.2.1
ORappleiphone_osMatch4.2.5
ORappleiphone_osMatch4.2.8
ORappleiphone_osMatch4.3.0
ORappleiphone_osMatch4.3.1
ORappleiphone_osMatch4.3.2
ORappleiphone_osMatch4.3.3
ORappleiphone_osMatch4.3.5
ORappleiphone_osMatch4.3.5-ipad
ORappleiphone_osMatch4.3.5-ipodtouch
ORappleiphone_osMatch5.0
ORappleiphone_osMatch5.0-ipad
ORappleiphone_osMatch5.0-ipodtouch
ORappleiphone_osMatch5.0.1
ORappleiphone_osMatch5.0.1-ipad
ORappleiphone_osMatch5.0.1-ipodtouch
ORappleiphone_osMatch5.1
ORappleiphone_osMatch5.1.1
ORappleiphone_osMatch6.0
ORappleiphone_osMatch6.0.1
ORappleiphone_osMatch6.0.2
ORappleiphone_osMatch6.1
Node
appletvosRange≤5.2.0
ORappletvosMatch1.0.0
ORappletvosMatch1.1.0
ORappletvosMatch2.0.0
ORappletvosMatch2.0.1
ORappletvosMatch2.0.2
ORappletvosMatch2.1.0
ORappletvosMatch2.2.0
ORappletvosMatch2.3.0
ORappletvosMatch2.3.1
ORappletvosMatch2.4.0
ORappletvosMatch3.0.0
ORappletvosMatch3.0.1
ORappletvosMatch3.0.2
ORappletvosMatch4.1.0
ORappletvosMatch4.1.1
ORappletvosMatch4.2.0
ORappletvosMatch4.2.1
ORappletvosMatch4.2.2
ORappletvosMatch4.3.0
ORappletvosMatch4.4.0
ORappletvosMatch4.4.2
ORappletvosMatch4.4.3
ORappletvosMatch4.4.4
ORappletvosMatch5.0.0
ORappletvosMatch5.0.1
ORappletvosMatch5.0.2
ORappletvosMatch5.1.0
ORappletvosMatch5.1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | iphone_os | * | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
| apple | iphone_os | 1.0.0 | cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:* |
| apple | iphone_os | 1.0.1 | cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:* |
| apple | iphone_os | 1.0.2 | cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:* |
| apple | iphone_os | 1.1.0 | cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:* |
| apple | iphone_os | 1.1.0 | cpe:2.3:o:apple:iphone_os:1.1.0:-:ipodtouch:*:*:*:*:* |
| apple | iphone_os | 1.1.1 | cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:* |
| apple | iphone_os | 1.1.2 | cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:* |
| apple | iphone_os | 1.1.2 | cpe:2.3:o:apple:iphone_os:1.1.2:-:ipodtouch:*:*:*:*:* |
| apple | iphone_os | 1.1.3 | cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2013-0977
2022-10-03 16:15:03
seebug
seebug
Apple iPhone/iPad/iPod touch iOS 6.1.3之前版本安全绕过漏洞(CVE-2013-0977)
2013-03-20 00:00:00
prion
prion
Design/Logic Flaw
2013-03-20 14:55:00
nvd
nvd
CVE-2013-0977
2013-03-20 14:55:04
securityvulns
securityvulns
Apple TV multiple security vulnerabilities
2013-03-24 00:00:00
APPLE-SA-2013-03-19-2 Apple TV 5.2.1
2013-03-24 00:00:00
Apple iOS multiple security vulnerabilities
2013-03-24 00:00:00
nessus
nessus
Apple iOS < 6.1.3 Multiple Vulnerabilities
2013-03-20 00:00:00
Apple iOS < 6.1.3 Multiple Vulnerabilities
2013-03-20 00:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
5.5
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2013-0977