Main Vulnerability Database Vulnerabilities #VU42443

Permissions, Privileges, and Access Controls in macOS - CVE-2013-5169

Published: October 24, 2013 / Updated: August 10, 2020

Vulnerability identifier: #VU42443

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2013-5169

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Apple Inc.

Affected software:
macOS

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physically proximate attackers to obtain sensitive information by reading the screen.

How to mitigate CVE-2013-5169

Install update from vendor's website.

Sources

http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html

Permissions, Privileges, and Access Controls in macOS - CVE-2013-5169

Detailed vulnerability description

How to mitigate CVE-2013-5169

Sources

Please verify you're human