6.3
CVE-2013-5145
- EPSS 0.34%
- Veröffentlicht 19.09.2013 10:28:00
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
kextd in Kext Management in Apple iOS before 7 does not properly verify authorization for IPC messages, which allows local users to (1) load or (2) unload kernel extensions via a crafted message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.34% | 0.258 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.3 | 3.4 | 9.2 |
AV:L/AC:M/Au:N/C:N/I:C/A:C
|
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
http://secunia.com/advisories/54886
http://support.apple.com/kb/HT5934
http://www.securitytracker.com/id/1029054