Main Vulnerability Database Vulnerabilities #VU42994

Permissions, Privileges, and Access Controls in macOS - CVE-2013-0969

Published: March 15, 2013 / Updated: August 11, 2020

Vulnerability identifier: #VU42994

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2013-0969

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Apple Inc.

Affected software:
macOS

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

Login Window in Apple Mac OS X before 10.8.3 does not prevent application launching with the VoiceOver feature, which allows physically proximate attackers to bypass authentication and make arbitrary System Preferences changes via unspecified use of the keyboard.

How to mitigate CVE-2013-0969

Install update from vendor's website.

Sources

http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html

Permissions, Privileges, and Access Controls in macOS - CVE-2013-0969

Detailed vulnerability description

How to mitigate CVE-2013-0969

Sources

Please verify you're human