Lucene search
Niklas Baumstark and Samuel GroZDI-17-924HistoryNov 20, 2017 - 12:00 a.m.
Apple macOS nsurlstoraged Heap-based Buffer Overflow Privilege Escalation Vulnerability
2017-11-2000:00:00
Niklas Baumstark and Samuel Gro
www.zerodayinitiative.com
23
0.001 Low
EPSS
Percentile
41.0%
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nsurlstoraged service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to escalate privileges under the context of the current service.
References
Related
prion
prion
Memory corruption
2017-11-13 03:29:00
nvd
nvd
CVE-2017-13829
2017-11-13 03:29:01
cve
cve
CVE-2017-13829
2017-11-13 03:29:01
cvelist
cvelist
CVE-2017-13829
2017-11-13 03:00:00
apple
apple
About the security content of iTunes 12.7 for Windows
2017-09-12 00:00:00
About the security content of iTunes 12.7 for Windows - Apple Support
2018-10-18 05:03:03
About the security content of iCloud for Windows 7.0
2017-09-25 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities (HT208144)
2017-09-26 00:00:00
nessus
nessus
macOS < 10.13 Multiple Vulnerabilities
2017-10-03 00:00:00