Lucene search
Niklas Baumstark and Samuel GroZDI-17-925HistoryNov 20, 2017 - 12:00 a.m.
Apple macOS nsurlstoraged Integer Overflow Privilege Escalation Vulnerability
2017-11-2000:00:00
Niklas Baumstark and Samuel Gro
www.zerodayinitiative.com
20
0.003 Low
EPSS
Percentile
65.3%
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nsurlstoraged service. The issue results from the lack of proper validation of a reference count, which can result in an integer overflow when incrementing it. An attacker can leverage this vulnerability to escalate privileges under the context of the current service.
References
Related
nvd
nvd
CVE-2017-13833
2017-11-13 03:29:02
prion
prion
Memory corruption
2017-11-13 03:29:00
cvelist
cvelist
CVE-2017-13833
2017-11-13 03:00:00
cve
cve
CVE-2017-13833
2017-11-13 03:29:02
nessus
nessus
Apple TV < 11.2 Multiple Vulnerabilities
2018-01-05 00:00:00
macOS < 10.13 Multiple Vulnerabilities
2017-10-03 00:00:00
apple
apple
About the security content of iTunes 12.7 for Windows
2017-09-12 00:00:00
About the security content of iTunes 12.7 for Windows - Apple Support
2018-10-18 05:03:03
About the security content of iCloud for Windows 7.0
2017-09-25 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities (HT208144)
2017-09-26 00:00:00