cvelistv5 - cve-2013-5229

CVE-2013-5229 (GCVE-0-2013-5229)

Vulnerability from cvelistv5

Published

2015-11-14 02:00

Modified

2024-08-06 17:06

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

var-201511-0002

Vulnerability from variot

The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box. Apple OS X contains an issue with authentication when recovering from sleep mode. This issue exists due to a flaw in the the processing of the text entered in the dialog box upon recovering from sleep mode. Masaki Katayama of Cyber Risks Laboratory Naviplus CO,Ltd. reported this vulnerability to IPA. This may result in command execution at the remote host. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. The system supports software distribution, resource management and remote assistance, etc. An attacker in physical proximity could exploit this vulnerability by entering commands into a dialog box to bypass established access restrictions

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201511-0002",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mac os x",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.8.5"
      },
      {
        "model": "remote desktop",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "3.6.2"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "apple",
        "version": "3.6.2"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "mavericks  prior to 10.9"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "prior to 3.7"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.8.5"
      },
      {
        "model": "directory pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cosmicperl",
        "version": "10.0.3"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.1"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.5.1"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.4"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.3.2"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.3.1"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.3"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "remote desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.9.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.11"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.10"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.9"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.9"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.0.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.0.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "mac os",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.9"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "77576"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5229"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:apple_remote_desktop",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Masaki Katayama of Cyber Risks Laboratory Naviplus CO,Ltd.",
    "sources": [
      {
        "db": "BID",
        "id": "77576"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-5229",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.7,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 1.9,
            "id": "CVE-2013-5229",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 1.1,
            "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Local",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Partial",
            "baseScore": 3.7,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2015-000177",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.7,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 1.9,
            "id": "VHN-65231",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:H/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-5229",
            "trust": 1.0,
            "value": "LOW"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2015-000177",
            "trust": 0.8,
            "value": "Low"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201511-247",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-65231",
            "trust": 0.1,
            "value": "LOW"
          },
          {
            "author": "VULMON",
            "id": "CVE-2013-5229",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65231"
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-5229"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5229"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box. Apple OS X contains an issue with authentication when recovering from sleep mode. This issue exists due to a flaw in the the processing of the text entered in the dialog box upon recovering from sleep mode. Masaki Katayama of Cyber Risks Laboratory Naviplus CO,Ltd. reported this vulnerability to IPA. This may result in command execution at the remote host. \nAttackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. The system supports software distribution, resource management and remote assistance, etc. An attacker in physical proximity could exploit this vulnerability by entering commands into a dialog box to bypass established access restrictions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-5229"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      },
      {
        "db": "BID",
        "id": "77576"
      },
      {
        "db": "VULHUB",
        "id": "VHN-65231"
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-5229"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "JVN",
        "id": "JVN56210048",
        "trust": 2.9
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5229",
        "trust": 2.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-000177",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1034187",
        "trust": 1.2
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-247",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "77576",
        "trust": 0.5
      },
      {
        "db": "VULHUB",
        "id": "VHN-65231",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-5229",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65231"
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-5229"
      },
      {
        "db": "BID",
        "id": "77576"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5229"
      }
    ]
  },
  "id": "VAR-201511-0002",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65231"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:01:40.681000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Information from Apple",
        "trust": 0.8,
        "url": "http://jvn.jp/en/jp/JVN56210048/741993/index.html"
      },
      {
        "title": "Apple OS X  and Apple Remote Desktop Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58736"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-247"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-254",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65231"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5229"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "http://jvn.jp/en/jp/jvn56210048/index.html"
      },
      {
        "trust": 1.8,
        "url": "http://jvn.jp/en/jp/jvn56210048/741993/index.html"
      },
      {
        "trust": 1.8,
        "url": "http://jvndb.jvn.jp/jvndb/jvndb-2015-000177"
      },
      {
        "trust": 1.2,
        "url": "http://www.securitytracker.com/id/1034187"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5229"
      },
      {
        "trust": 0.8,
        "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5229"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/remotedesktop/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/macosx/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/254.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.securityfocus.com/bid/77576"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65231"
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-5229"
      },
      {
        "db": "BID",
        "id": "77576"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5229"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-65231"
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-5229"
      },
      {
        "db": "BID",
        "id": "77576"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5229"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-65231"
      },
      {
        "date": "2015-11-14T00:00:00",
        "db": "VULMON",
        "id": "CVE-2013-5229"
      },
      {
        "date": "2015-11-13T00:00:00",
        "db": "BID",
        "id": "77576"
      },
      {
        "date": "2015-11-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      },
      {
        "date": "2015-11-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201511-247"
      },
      {
        "date": "2015-11-14T03:59:00.127000",
        "db": "NVD",
        "id": "CVE-2013-5229"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-09-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-65231"
      },
      {
        "date": "2017-09-14T00:00:00",
        "db": "VULMON",
        "id": "CVE-2013-5229"
      },
      {
        "date": "2015-11-13T00:00:00",
        "db": "BID",
        "id": "77576"
      },
      {
        "date": "2015-11-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      },
      {
        "date": "2015-11-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201511-247"
      },
      {
        "date": "2024-11-21T01:57:14.593000",
        "db": "NVD",
        "id": "CVE-2013-5229"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "77576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-247"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple OS X authentication issue when recovering from sleep mode",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-000177"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "77576"
      }
    ],
    "trust": 0.3
  }
}

gsd-2013-5229

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2013-5229

Aliases

CVE-2013-5229

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-5229",
    "description": "The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box.",
    "id": "GSD-2013-5229"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-5229"
      ],
      "details": "The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box.",
      "id": "GSD-2013-5229",
      "modified": "2023-12-13T01:22:21.496426Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2013-5229",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "JVNDB-2015-000177",
            "refsource": "JVNDB",
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000177"
          },
          {
            "name": "http://jvn.jp/en/jp/JVN56210048/741993/index.html",
            "refsource": "CONFIRM",
            "url": "http://jvn.jp/en/jp/JVN56210048/741993/index.html"
          },
          {
            "name": "1034187",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034187"
          },
          {
            "name": "JVN#56210048",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN56210048/index.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.8.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:apple_remote_desktop:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.6.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5229"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-254"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://jvn.jp/en/jp/JVN56210048/741993/index.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://jvn.jp/en/jp/JVN56210048/741993/index.html"
            },
            {
              "name": "JVN#56210048",
              "refsource": "JVN",
              "tags": [],
              "url": "http://jvn.jp/en/jp/JVN56210048/index.html"
            },
            {
              "name": "JVNDB-2015-000177",
              "refsource": "JVNDB",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000177"
            },
            {
              "name": "1034187",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1034187"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.7,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 1.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-09-14T01:29Z",
      "publishedDate": "2015-11-14T03:59Z"
    }
  }
}

cve-2013-5229

Vulnerability from jvndb

Published

2015-11-13 14:25

Modified

2015-11-17 16:15

Severity ?

() - -

Summary

Apple OS X authentication issue when recovering from sleep mode

Details

Apple OS X contains an issue with authentication when recovering from sleep mode. This issue exists due to a flaw in the the processing of the text entered in the dialog box upon recovering from sleep mode. Masaki Katayama of Cyber Risks Laboratory Naviplus CO,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	https://jvn.jp/en/jp/JVN56210048/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5229
	NVD	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5229
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Apple Inc.	Apple Remote Desktop
	Apple Inc.	Apple Mac OS X

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000177.html",
  "dc:date": "2015-11-17T16:15+09:00",
  "dcterms:issued": "2015-11-13T14:25+09:00",
  "dcterms:modified": "2015-11-17T16:15+09:00",
  "description": "Apple OS X contains an issue with authentication when recovering from sleep mode. This issue exists due to a flaw in the the processing of the text entered in the dialog box upon recovering from sleep mode.\r\n\r\nMasaki Katayama of Cyber Risks Laboratory Naviplus CO,Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000177.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:apple:apple_remote_desktop",
      "@product": "Apple Remote Desktop",
      "@vendor": "Apple Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:apple:mac_os_x",
      "@product": "Apple Mac OS X",
      "@vendor": "Apple Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "3.7",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2015-000177",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN56210048/index.html",
      "@id": "JVN#56210048",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5229",
      "@id": "CVE-2013-5229",
      "@source": "CVE"
    },
    {
      "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5229",
      "@id": "CVE-2013-5229",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "Apple OS X authentication issue when recovering from sleep mode"
}

fkie_cve-2013-5229

Vulnerability from fkie_nvd

Published

2015-11-14 03:59

Modified

2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://jvn.jp/en/jp/JVN56210048/741993/index.html	Vendor Advisory
product-security@apple.com	http://jvn.jp/en/jp/JVN56210048/index.html
product-security@apple.com	http://jvndb.jvn.jp/jvndb/JVNDB-2015-000177	Vendor Advisory
product-security@apple.com	http://www.securitytracker.com/id/1034187
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN56210048/741993/index.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN56210048/index.html
af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/jvndb/JVNDB-2015-000177	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034187

Impacted products

	Vendor	Product	Version
	apple	mac_os_x	*
	apple	apple_remote_desktop	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE2D98EB-2249-45AC-B9E7-2CD57A845BF4",
              "versionEndIncluding": "10.8.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:apple_remote_desktop:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224FFDC7-9377-472D-880C-CC52D73F696B",
              "versionEndIncluding": "3.6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box."
    },
    {
      "lang": "es",
      "value": "La funcionalidad Remote Desktop full-screen en Apple OS X en versiones anteriores a 10.9 y Apple Remote Desktop en versiones anteriores a 3.7 env\u00eda el texto de cuadro de di\u00e1logo a un host remoto conectado tras ser despertado de suspensi\u00f3n, lo que permite a atacantes f\u00edsicamente pr\u00f3ximos eludir las restricciones destinadas al acceso mediante la entrada de un comando en esta casilla."
    }
  ],
  "id": "CVE-2013-5229",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.7,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-11-14T03:59:00.127",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN56210048/741993/index.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://jvn.jp/en/jp/JVN56210048/index.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000177"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securitytracker.com/id/1034187"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN56210048/741993/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN56210048/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000177"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034187"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-254"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-32xh-2x3r-9523

Vulnerability from github

Published

2022-05-17 01:06

Modified

2022-05-17 01:06

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-5229"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-11-14T03:59:00Z",
    "severity": "LOW"
  },
  "details": "The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box.",
  "id": "GHSA-32xh-2x3r-9523",
  "modified": "2022-05-17T01:06:56Z",
  "published": "2022-05-17T01:06:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5229"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN56210048/741993/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN56210048/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000177"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034187"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cnvd-2015-07637

Vulnerability from cnvd

Title

Apple OS X和Apple Remote Desktop身份验证漏洞

Description

Apple Remote Desktop是美国苹果（Apple）公司的一套专用于Mac OS X（操作系统）的远程桌面管理系统。该系统支持软件分发、资源管理和远程协助等。 Apple OS X 10.9之前版本和Apple Remote Desktop 3.7之前版本的Remote Desktop full-screen功能中存在安全漏洞。由于程序连接的主机从睡眠模式中打开时未能正确处理对话框中的文本。物理位置临近的攻击者可通过向对话框中输入命令利用该漏洞绕过既定的访问限制。

Severity

低

Patch Name

Apple OS X和Apple Remote Desktop身份验证漏洞的补丁

Patch Description

Formal description

用户可联系供应商获得补丁信息： http://www.apple.com/

Reference

http://jvn.jp/en/jp/JVN56210048/741993/index.html http://jvn.jp/en/jp/JVN56210048/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000177

Impacted products

Name
['Apple Mac OS X Mavericks <10.9', 'Apple Remote Desktop <3.7']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2013-5229"
    }
  },
  "description": "Apple Remote Desktop\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8eMac OS X\uff08\u64cd\u4f5c\u7cfb\u7edf\uff09\u7684\u8fdc\u7a0b\u684c\u9762\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u652f\u6301\u8f6f\u4ef6\u5206\u53d1\u3001\u8d44\u6e90\u7ba1\u7406\u548c\u8fdc\u7a0b\u534f\u52a9\u7b49\u3002\r\n\r\nApple OS X 10.9\u4e4b\u524d\u7248\u672c\u548cApple Remote Desktop 3.7\u4e4b\u524d\u7248\u672c\u7684Remote Desktop full-screen\u529f\u80fd\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u7531\u4e8e\u7a0b\u5e8f\u8fde\u63a5\u7684\u4e3b\u673a\u4ece\u7761\u7720\u6a21\u5f0f\u4e2d\u6253\u5f00\u65f6\u672a\u80fd\u6b63\u786e\u5904\u7406\u5bf9\u8bdd\u6846\u4e2d\u7684\u6587\u672c\u3002\u7269\u7406\u4f4d\u7f6e\u4e34\u8fd1\u7684\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u5bf9\u8bdd\u6846\u4e2d\u8f93\u5165\u547d\u4ee4\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u65e2\u5b9a\u7684\u8bbf\u95ee\u9650\u5236\u3002",
  "discovererName": "Masaki Katayama",
  "formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www.apple.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-07637",
  "openTime": "2015-11-18",
  "patchDescription": "Apple Remote Desktop\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8eMac OS X\uff08\u64cd\u4f5c\u7cfb\u7edf\uff09\u7684\u8fdc\u7a0b\u684c\u9762\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u652f\u6301\u8f6f\u4ef6\u5206\u53d1\u3001\u8d44\u6e90\u7ba1\u7406\u548c\u8fdc\u7a0b\u534f\u52a9\u7b49\u3002\r\nApple OS X 10.9\u4e4b\u524d\u7248\u672c\u548cApple Remote Desktop 3.7\u4e4b\u524d\u7248\u672c\u7684Remote Desktop full-screen\u529f\u80fd\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u7531\u4e8e\u7a0b\u5e8f\u8fde\u63a5\u7684\u4e3b\u673a\u4ece\u7761\u7720\u6a21\u5f0f\u4e2d\u6253\u5f00\u65f6\u672a\u80fd\u6b63\u786e\u5904\u7406\u5bf9\u8bdd\u6846\u4e2d\u7684\u6587\u672c\u3002\u7269\u7406\u4f4d\u7f6e\u4e34\u8fd1\u7684\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u5bf9\u8bdd\u6846\u4e2d\u8f93\u5165\u547d\u4ee4\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u65e2\u5b9a\u7684\u8bbf\u95ee\u9650\u5236\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apple OS X\u548cApple Remote Desktop\u8eab\u4efd\u9a8c\u8bc1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apple Mac OS X Mavericks \u003c10.9",
      "Apple Remote Desktop \u003c3.7"
    ]
  },
  "referenceLink": "http://jvn.jp/en/jp/JVN56210048/741993/index.html \r\nhttp://jvn.jp/en/jp/JVN56210048/index.html \r\nhttp://jvndb.jvn.jp/jvndb/JVNDB-2015-000177",
  "serverity": "\u4f4e",
  "submitTime": "2015-11-17",
  "title": "Apple OS X\u548cApple Remote Desktop\u8eab\u4efd\u9a8c\u8bc1\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2013-5229 (GCVE-0-2013-5229)

Vulnerability from cvelistv5

var-201511-0002

Vulnerability from variot

gsd-2013-5229

Vulnerability from gsd

cve-2013-5229

Vulnerability from jvndb

fkie_cve-2013-5229

Vulnerability from fkie_nvd

ghsa-32xh-2x3r-9523

Vulnerability from github

cnvd-2015-07637

Vulnerability from cnvd

Tags

Sightings

Nomenclature