|
289881
|
- |
|
apple
|
iphone_os
ipad
ipad_mini
ipad2
|
The get_xattrinfo function in the XNU kernel in Apple iOS 5.x and 6.x through 6.1.3 on iPad devices does not properly validate the header of an AppleDouble file, which might allow local users to caus…
|
CWE-20
Improper Input Validation
|
CVE-2013-3955
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289882
|
- |
|
apple
|
mac_os_x
iphone_os
|
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service…
|
CWE-20
Improper Input Validation
|
CVE-2013-3954
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289883
|
- |
|
apple
|
mac_os_x
iphone_os
|
The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive inf…
|
CWE-200
Information Exposure
|
CVE-2013-3953
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289884
|
- |
|
apple
|
mac_os_x
|
The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in Apple Mac OS X 10.8.x allows local users to defeat the KASLR protection mechanism via the PROC_PIDFDPIPEINFO option to the proc_…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3952
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289885
|
- |
|
apple
|
watchos
iphone_os
mac_os_x
|
sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users…
|
CWE-20
Improper Input Validation
|
CVE-2013-3951
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289886
|
- |
|
apple
|
iphone_os
|
Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long st…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3950
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289887
|
- |
|
apple
|
mac_os_x
|
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _POSIX_SPAWN_DISABLE_ASLR and _POSIX_SPAWN_ALLOW_DATA_EXEC flags for setuid and setgid programs, whi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3949
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289888
|
- |
|
apple
|
iphone_os
|
Apple iOS 6.1.3 does not follow redirects during determination of the hostname to display in an iOS Enterprise Deployment installation dialog, which makes it easier for remote attackers to trigger in…
|
CWE-20
Improper Input Validation
|
CVE-2013-3948
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289889
|
- |
|
php
|
php
|
The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (mem…
|
CWE-20
Improper Input Validation
|
CVE-2013-3735
|
2024-11-21 10:54 |
2013-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289890
|
- |
|
psychostats
|
psychostats
|
SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter.
|
CWE-89
SQL Injection
|
CVE-2013-3721
|
2024-11-21 10:54 |
2013-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
