nvd-json-data-feeds/CVE-2013/CVE-2013-09xx/CVE-2013-0969.json

{
  "id": "CVE-2013-0969",
  "sourceIdentifier": "product-security@apple.com",
  "published": "2013-03-15T20:55:10.773",
  "lastModified": "2013-03-18T16:01:13.677",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Login Window in Apple Mac OS X before 10.8.3 does not prevent application launching with the VoiceOver feature, which allows physically proximate attackers to bypass authentication and make arbitrary System Preferences changes via unspecified use of the keyboard."
    },
    {
      "lang": "es",
      "value": "Ventana de Login en Apple Mac OS X anterior a v10.8.3 no previene el lanzamiento de aplicaciones con la caracter\u00edstica VoiceOver, que permite a atacantes f\u00edsicos evitar autenticaciones y cambios en las preferencias del sistema a trav\u00e9s del teclado."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N",
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "NONE",
          "baseScore": 4.9
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2082D62-3821-4DBA-8690-67489F44C38D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F0DB1BC-DC16-423E-B0C7-8E9C996A50B5"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E59315BA-B9F1-46A5-86E7-8BE2ED97BA4F"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}