Vulnerabilities > CVE-2013-0970 - Security Bypass vulnerability in Apple mac OS X 10.8.0/10.8.1/10.8.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Messages in Apple Mac OS X before 10.8.3 allows remote attackers to bypass the FaceTime call-confirmation prompt via a crafted FaceTime: URL.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 3 |
Nessus
NASL family | MacOS X Local Security Checks |
NASL id | MACOSX_10_8_3.NASL |
description | The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.3. The newer version contains multiple security-related fixes for the following components : - Apache - CoreTypes - International Components for Unicode - Identity Services - ImageIO - IOAcceleratorFamily - Kernel - Login Window - Messages - PDFKit - QuickTime - Security Note that the update also runs a malware removal tool that will remove the most common variants of malware. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 65577 |
published | 2013-03-15 |
reporter | This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/65577 |
title | Mac OS X 10.8.x < 10.8.3 Multiple Vulnerabilities |
code |
|
Seebug
bulletinFamily exploit description BUGTRAQ ID: 58517 CVE(CAN) ID: CVE-2013-0970 Apple Mac OS X是苹果电脑操作系统软件。 Apple Mac OS X 10.8.3之前版本的Messages允许远程攻击者通过特制的FaceTime: URL,绕过FaceTime呼叫确认提示。 0 Apple Mac OS X 10.7.4 Apple Mac OS X 10.7.3 Apple Mac OS X 10.7.2 Apple Mac OS X 10.7.1 Apple Mac OS X Server 10.7.4 Apple Mac OS X Server 10.7.3 Apple Mac OS X Server 10.7.2 Apple Mac OS X Server 10.7.1 Apple Mac OS X Server 10.7 Apple Mac OS X Server 10.6.8 厂商补丁: Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://support.apple.com/ id SSV:60682 last seen 2017-11-19 modified 2013-03-19 published 2013-03-19 reporter Root title Apple Mac OS X 安全绕过漏洞 bulletinFamily exploit description BUGTRAQ ID: 58494 CVE(CAN) ID: CVE-2013-0966,CVE-2013-0967,CVE-2013-0969,CVE-2013-0970,CVE-2013-0971,CVE-2013-0973,CVE-2013-0976 Apple Mac OS X是苹果电脑操作系统软件。 Apple Mac OS X 10.8.3之前版本在实现上存在多个安全漏洞,攻击者可利用这些漏洞执行任意代码、造成拒绝服务、未授权访问、窃取敏感信息、绕过安全限制及其他攻击。 0 Apple Mac OS X 10.7.4 Apple Mac OS X 10.7.3 Apple Mac OS X 10.7.2 Apple Mac OS X 10.7.1 Apple Mac OS X Server 10.7.4 Apple Mac OS X Server 10.7.3 Apple Mac OS X Server 10.7.2 Apple Mac OS X Server 10.7.1 Apple Mac OS X Server 10.7 Apple Mac OS X Server 10.6.8 厂商补丁: Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://support.apple.com/ id SSV:60678 last seen 2017-11-19 modified 2013-03-19 published 2013-03-19 reporter Root title Apple Mac OS X 多个安全漏洞(2013-001)