Sign-up

ID

VAR-201306-0310


CVE

CVE-2013-3952


TITLE

Apple Mac OS X of XNU kernel In KASLR Vulnerability that breaks protection mechanisms

Trust: 0.8

sources: JVNDB: JVNDB-2013-002899

DESCRIPTION

The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in Apple Mac OS X 10.8.x allows local users to defeat the KASLR protection mechanism via the PROC_PIDFDPIPEINFO option to the proc_info system call for a kernel pipe handle. Local attackers can exploit this issue bypass security restrictions and perform unauthorized actions

Trust: 1.98

sources: NVD: CVE-2013-3952 // JVNDB: JVNDB-2013-002899 // BID: 60439 // VULHUB: VHN-63954

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.8.4

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.8.1

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.8.0

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.8.2

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.8.3

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.8.x

Trust: 0.8

vendor:applemodel:mac osscope:eqversion:x10.8.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8

Trust: 0.3

sources: BID: 60439 // JVNDB: JVNDB-2013-002899 // CNNVD: CNNVD-201306-092 // NVD: CVE-2013-3952

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-3952
value: LOW

Trust: 1.0

NVD: CVE-2013-3952
value: LOW

Trust: 0.8

CNNVD: CNNVD-201306-092
value: LOW

Trust: 0.6

VULHUB: VHN-63954
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2013-3952
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-63954
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-63954 // JVNDB: JVNDB-2013-002899 // CNNVD: CNNVD-201306-092 // NVD: CVE-2013-3952

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-63954 // JVNDB: JVNDB-2013-002899 // NVD: CVE-2013-3952

THREAT TYPE

local

Trust: 0.9

sources: BID: 60439 // CNNVD: CNNVD-201306-092

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201306-092

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-002899

PATCH
title:OS Xurl:http://www.apple.com/jp/osx/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-002899

EXTERNAL IDS
db:NVDid:CVE-2013-3952
Trust: 2.8
db:JVNDBid:JVNDB-2013-002899
Trust: 0.8
db:CNNVDid:CNNVD-201306-092
Trust: 0.7
db:BIDid:60439
Trust: 0.4
db:VULHUBid:VHN-63954
Trust: 0.1
sources:
            
            
            VULHUB: VHN-63954 // 
            
            
            
            BID: 60439 // 
            
            
            
            JVNDB: JVNDB-2013-002899 // 
            
            
            
            CNNVD: CNNVD-201306-092 // 
            
            
            
            NVD: CVE-2013-3952

REFERENCES
url:http://antid0te.com/syscan_2013/syscan2013_mountain_lion_ios_vulnerabilities_garage_sale_whitepaper.pdf
Trust: 2.8
url:http://www.syscan.org/index.php/sg/program/day/2
Trust: 2.5
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3952
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3952
Trust: 0.8
url:http://software.cisco.com/download/navigator.html?mdfid=283613663
Trust: 0.3
sources:
            
            
            VULHUB: VHN-63954 // 
            
            
            
            BID: 60439 // 
            
            
            
            JVNDB: JVNDB-2013-002899 // 
            
            
            
            CNNVD: CNNVD-201306-092 // 
            
            
            
            NVD: CVE-2013-3952

CREDITS
Stefan Esser
Trust: 0.3
sources:
            
            
            BID: 60439

SOURCES
db:VULHUBid:VHN-63954
db:BIDid:60439
db:JVNDBid:JVNDB-2013-002899
db:CNNVDid:CNNVD-201306-092
db:NVDid:CVE-2013-3952

LAST UPDATE DATE
2025-04-11T23:16:37.709000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-63954date:2013-06-06T00:00:00
db:BIDid:60439date:2013-04-26T00:00:00
db:JVNDBid:JVNDB-2013-002899date:2013-06-07T00:00:00
db:CNNVDid:CNNVD-201306-092date:2013-06-06T00:00:00
db:NVDid:CVE-2013-3952date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-63954date:2013-06-05T00:00:00
db:BIDid:60439date:2013-04-26T00:00:00
db:JVNDBid:JVNDB-2013-002899date:2013-06-07T00:00:00
db:CNNVDid:CNNVD-201306-092date:2013-06-06T00:00:00
db:NVDid:CVE-2013-3952date:2013-06-05T14:39:55.923