Details of VAR-201309-0042

ID

VAR-201309-0042

CVE

CVE-2013-1031

TITLE

Apple Mac OS X of Power Management Vulnerable to access restrictions

Trust: 0.8

sources: JVNDB: JVNDB-2013-004105

DESCRIPTION

Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon occurrences of a power assertion, which allows physically proximate attackers to bypass intended access restrictions by visiting an unattended workstation on which a locking failure had prevented the startup of the screen saver. Apple Mac OS X is prone to a local security-bypass vulnerability that affects the 'Power Management' component. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Mac OS X 10.8 through versions 10.8.4 are vulnerable. The vulnerability is caused by the program not performing a lock operation when a power assertion problem occurs. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004 OS X Mountain Lion v10.8.5 and Security Update 2013-004 is now available and addresses the following: Apache Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in Apache Description: Multiple vulnerabilities existed in Apache, the most serious of which may lead to cross-site scripting. These issues were addressed by updating Apache to version 2.2.24. CVE-ID CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4558 Bind Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in BIND Description: Multiple vulnerabilities existed in BIND, the most serious of which may lead to a denial of service. These issues were addressed by updating BIND to version 9.8.5-P1. The complete list of recognized system roots may be viewed via the Keychain Access application. This update addresses the issues by updating ClamAV to version 0.97.8. CVE-ID CVE-2013-2020 CVE-2013-2021 CoreGraphics Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JBIG2 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1025 : Felix Groebert of the Google Security Team ImageIO Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1026 : Felix Groebert of the Google Security Team Installer Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Packages could be opened after certificate revocation Description: When Installer encountered a revoked certificate, it would present a dialog with an option to continue. The issue was addressed by removing the dialog and refusing any revoked package. CVE-ID CVE-2013-1027 IPSec Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: An attacker may intercept data protected with IPSec Hybrid Auth Description: The DNS name of an IPSec Hybrid Auth server was not being matched against the certificate, allowing an attacker with a certificate for any server to impersonate any other. This issue was addressed by properly checking the certificate. CVE-ID CVE-2013-1028 : Alexander Traud of www.traud.de Kernel Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: A local network user may cause a denial of service Description: An incorrect check in the IGMP packet parsing code in the kernel allowed a user who could send IGMP packets to the system to cause a kernel panic. The issue was addressed by removing the check. CVE-ID CVE-2013-1029 : Christopher Bohn of PROTECTSTAR INC. Mobile Device Management Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Passwords may be disclosed to other local users Description: A password was passed on the command-line to mdmclient, which made it visible to other users on the same system. The issue was addressed by communicating the password through a pipe. These issues were addressed by updating OpenSSL to version 0.9.8y. These issues were addressed by updating PHP to version 5.3.26. CVE-ID CVE-2013-1635 CVE-2013-1643 CVE-2013-1824 CVE-2013-2110 PostgreSQL Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in PostgreSQL Description: Multiple vulnerabilities exist in PostgreSQL, the most serious of which may lead to data corruption or privilege escalation. This update addresses the issues by updating PostgreSQL to version 9.0.13. This issue was addressed through improved lock handling. CVE-ID CVE-2013-1031 QuickTime Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of 'idsc' atoms in QuickTime movie files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1032 : Jason Kratzer working with iDefense VCP Screen Lock Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: A user with screen sharing access may be able to bypass the screen lock when another user is logged in Description: A session management issue existed in the screen lock's handling of screen sharing sessions. This issue was addressed through improved session tracking. CVE-ID CVE-2013-1033 : Jeff Grisso of Atos IT Solutions, Sebastien Stormacq Note: OS X Mountain Lion v10.8.5 also addresses an issue where certain Unicode strings could cause applications to unexpectedly terminate. OS X Mountain Lion v10.8.5 and Security Update 2013-004 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The Software Update utility will present the update that applies to your system configuration. Only one is needed, either OS X Mountain Lion v10.8.5, or Security Update 2013-004. For OS X Mountain Lion v10.8.4 The download file is named: OSXUpd10.8.5.dmg Its SHA-1 digest is: a74ab6d9501778437e7afba0bbed47b776a52b11 For OS X Mountain Lion v10.8 and v10.8.3 The download file is named: OSXUpdCombo10.8.5.dmg Its SHA-1 digest is: cb798ac9b97ceb2d8875af040ce4ff06187d61f2 For OS X Lion v10.7.5 The download file is named: SecUpd2013-004.dmg Its SHA-1 digest is: dbc50fce7070f83b93b866a21b8f5c6e65007fa0 For OS X Lion Server v10.7.5 The download file is named: SecUpdSrvr2013-004.dmg Its SHA-1 digest is: 44a77edbd37732b865bc21a9aac443a3cdc47355 For Mac OS X v10.6.8 The download file is named: SecUpd2013-004.dmg Its SHA-1 digest is: d07d5142a2549270f0d2eaddb262b41bb5c16b61 For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2013-004.dmg Its SHA-1 digest is: 8f9abe93f7f9427cf86b89bd67df948a85537dbc Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJSMiPGAAoJEPefwLHPlZEw9qMP/17D4Q8velZ3H4AumPzHqqB4 QxPcuv8PXzhi55epUm2bzNfXR9A5L9KvzEsmggqxO2/ESO0zfeKgAmXXjCI3z5Qc +WkHgqowjwXU9cbjyDkhwb/ylXml+vCSIv2m9eXXNRTRi0rm9ZLSI/JMSRfLMojQ bZbzQSoSpuGaOeOOWESKCf9zBXFG6DBGo0wg3z8Bkywjtp/7bfddPAFHxIdhjDDN 1IgmhPRnP6NEdNSfR6RwF94M+hyiJ2I2DIDZTIo+6B4Ne90bEYdBiQmSxwKFAyc3 H9VFfB8XmrtA2k4DhE6Ow2jD/Y//QKz6TbyZNSQawXxuPsj43v6/T6BsWdfddGbQ hDGU85e7z7a4gmIPuS3DjMhSEyAixL/B3vKYBaZltH6JBCcPuLvGrU7nAiJa7KGQ 8MToOyv42TSj95drFzysk5fcO0MIUH5xiGlaU+ScEdBSpIpHDfpjeJYPqxHeGFaa V2xCGw1vMYbMoxNzRL0FPPdUxJkyBHvuzZXh6c6fATuQIPCtwejpPrYEo7x7RRpl ytsVLe3V27j7IfWb62nI+mNVfH5m+YgK4SGK5DSq8Nm1Lk0w4HXmTtrhOCogsJ2I yoqeg/XakiSdxZxhSa9/ZZsMB+D1B8siNzCj0+U0k4zYjxEA0GdSu/dYRVT62oIn vBrJ5gm+nnyRe2TUMAwz =h9hc -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2013-1031 // JVNDB: JVNDB-2013-004105 // BID: 62374 // VULHUB: VHN-61033 // PACKETSTORM: 123228

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.8.1	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.8.0	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.8.2	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.8.3	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	lte	version:	10.8.4	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.8 to v10.8.4	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.8.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.8.5	Trust: 0.3

sources: BID: 62374 // JVNDB: JVNDB-2013-004105 // CNNVD: CNNVD-201309-214 // NVD: CVE-2013-1031

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-1031
value:	LOW
Trust: 1.0
NVD:	CVE-2013-1031
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201309-214
value:	LOW
Trust: 0.6
VULHUB:	VHN-61033
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2013-1031
severity:	LOW
baseScore:	3.3
vectorString:	AV:L/AC:M/AU:N/C:P/I:P/A:N
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	3.4
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	CVE-2013-1031
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-61033
severity:	LOW
baseScore:	3.3
vectorString:	AV:L/AC:M/AU:N/C:P/I:P/A:N
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	3.4
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-61033 // JVNDB: JVNDB-2013-004105 // CNNVD: CNNVD-201309-214 // NVD: CVE-2013-1031

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-61033 // JVNDB: JVNDB-2013-004105 // NVD: CVE-2013-1031

THREAT TYPE

local

Trust: 0.9

sources: BID: 62374 // CNNVD: CNNVD-201309-214

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201309-214

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-004105

PATCH

title:	APPLE-SA-2013-09-12-1	url:	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html	Trust: 0.8
title:	HT5880	url:	http://support.apple.com/kb/HT5880	Trust: 0.8
title:	HT5880	url:	http://support.apple.com/kb/HT5880?viewlocale=ja_JP	Trust: 0.8

sources: JVNDB: JVNDB-2013-004105

EXTERNAL IDS

db:	NVD	id:	CVE-2013-1031	Trust: 2.9
db:	JVN	id:	JVNVU97033473	Trust: 0.8
db:	JVNDB	id:	JVNDB-2013-004105	Trust: 0.8
db:	CNNVD	id:	CNNVD-201309-214	Trust: 0.7
db:	APPLE	id:	APPLE-SA-2013-09-12-1	Trust: 0.6
db:	BID	id:	62374	Trust: 0.4
db:	SEEBUG	id:	SSVID-61014	Trust: 0.1
db:	VULHUB	id:	VHN-61033	Trust: 0.1
db:	PACKETSTORM	id:	123228	Trust: 0.1

sources: VULHUB: VHN-61033 // BID: 62374 // JVNDB: JVNDB-2013-004105 // PACKETSTORM: 123228 // CNNVD: CNNVD-201309-214 // NVD: CVE-2013-1031

REFERENCES

url:	http://support.apple.com/kb/ht5880	Trust: 2.0
url:	http://lists.apple.com/archives/security-announce/2013/sep/msg00002.html	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1031	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu97033473/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1031	Trust: 0.8
url:	http://software.cisco.com/download/navigator.html?mdfid=283613663	Trust: 0.3
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3499	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1899	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4558	Trust: 0.1
url:	http://support.apple.com/kb/ht1222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1903	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3817	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1635	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1025	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0169	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1029	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1643	Trust: 0.1
url:	http://www.apple.com/support/downloads/	Trust: 0.1
url:	https://www.traud.de	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2687	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1901	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1026	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4244	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1824	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1027	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1031	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1902	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1033	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-5166	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1032	Trust: 0.1
url:	http://gpgtools.org	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1030	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2686	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1028	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-5688	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0883	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1900	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0166	Trust: 0.1

sources: VULHUB: VHN-61033 // BID: 62374 // JVNDB: JVNDB-2013-004105 // PACKETSTORM: 123228 // CNNVD: CNNVD-201309-214 // NVD: CVE-2013-1031

CREDITS

Reported by the vendor.

Trust: 0.3

sources: BID: 62374

SOURCES

db:	VULHUB	id:	VHN-61033
db:	BID	id:	62374
db:	JVNDB	id:	JVNDB-2013-004105
db:	PACKETSTORM	id:	123228
db:	CNNVD	id:	CNNVD-201309-214
db:	NVD	id:	CVE-2013-1031

LAST UPDATE DATE

2025-04-11T22:34:44.626000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-61033	date:	2013-09-19T00:00:00
db:	BID	id:	62374	date:	2013-09-12T00:00:00
db:	JVNDB	id:	JVNDB-2013-004105	date:	2013-09-17T00:00:00
db:	CNNVD	id:	CNNVD-201309-214	date:	2013-09-23T00:00:00
db:	NVD	id:	CVE-2013-1031	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-61033	date:	2013-09-16T00:00:00
db:	BID	id:	62374	date:	2013-09-12T00:00:00
db:	JVNDB	id:	JVNDB-2013-004105	date:	2013-09-17T00:00:00
db:	PACKETSTORM	id:	123228	date:	2013-09-13T19:32:22
db:	CNNVD	id:	CNNVD-201309-214	date:	2013-09-18T00:00:00
db:	NVD	id:	CVE-2013-1031	date:	2013-09-16T13:02:32.877