QwikSec

Security Database

CVE

CWE

Training

CVE-2013-3953

Published: Jun 5, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.syscan.org/index.php/sg/program/day/2

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

http://antid0te.com/syscan_2013/SyScan2013_Mountain_Lion_iOS_Vulnerabilities_Garage_Sale_Whitepaper.pdf

x_refsource_MISC

http://support.apple.com/kb/HT5934

x_refsource_CONFIRM

APPLE-SA-2013-09-18-2

vendor-advisory

x_refsource_APPLE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.