mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
182 lines
6.0 KiB
JSON
182 lines
6.0 KiB
JSON
{
|
|
"id": "CVE-2013-0966",
|
|
"sourceIdentifier": "product-security@apple.com",
|
|
"published": "2013-03-15T20:55:10.697",
|
|
"lastModified": "2013-03-18T16:52:40.747",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El m\u00f3dulo mod_hfs_apple de Apple para el Servidor Apache HTTP en Apple Mac OS X anterior a v10.8.3 no controla correctamente caracteres Unicode, lo que permite a atacantes remotos eludir requisitos de autenticaci\u00f3n de directorio a trav\u00e9s de una ruta dise\u00f1ada en un URI."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 6.4
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 4.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-noinfo"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E9D96EC5-8FFC-4C8D-9C3E-EFEE79D4D52C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A557D31B-4614-41E0-85EA-804C2DDF4919"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8961F444-48C4-4B54-829B-A1A2D0F2716C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "09A0FA11-6211-4962-A6E0-F00732818012"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:10.7.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8A36C17C-EBB3-4C42-9C75-6A7F2EE1F22C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:10.7.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A82DEF28-B061-44B3-AF9B-BE529DB457D9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:10.7.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FFAECA7C-9A9F-4F5D-8E57-7334C34D24F7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:10.7.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0D318511-0594-4EE0-BA09-1FA110CFDD17"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "38823717-65A1-4587-8F05-32EA9A01084C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7BD4E77C-3F87-476B-BB66-75EECDFDB18E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DCDC2BD4-B8DB-4B23-82E3-9D2D7A32CBFE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "910034A6-3A04-404A-A5BC-D33BD15DCB91"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "85625414-1AA5-4523-99C0-E27359B568E4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8751C7BF-EDDA-4B23-9BE4-5F62B409198D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B2082D62-3821-4DBA-8690-67489F44C38D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8F0DB1BC-DC16-423E-B0C7-8E9C996A50B5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E59315BA-B9F1-46A5-86E7-8BE2ED97BA4F"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html",
|
|
"source": "product-security@apple.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |