CVE-2013-5135

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username.

Vulnerabilidad de format string en Screen Sharing Server de Apple Mac OS X anterior a 10.9 y Apple Remote Desktop anterior a 3.5.4 permite a atacantes remotos ejecutar código arbitrario a través especificadores de formato de cadena en el nombre de usuario VNC.

*Credits: N/A

CVSS Scores

NISTv2 7.5

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2013-08-15 CVE Reserved
2013-10-24 CVE Published
2024-09-17 CVE Updated
2024-09-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-134: Use of Externally-Controlled Format String

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html	2018-10-30
http://lists.apple.com/archives/security-announce/2013/Oct/msg00007.html	2018-10-30
http://lists.apple.com/archives/security-announce/2013/Oct/msg00008.html	2018-10-30

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				<= 3.5.3 Search vendor "Apple" for product "Apple Remote Desktop" and version " <= 3.5.3"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.0.0 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.0.0"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.1 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.1"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.2 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.2"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.2.1 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.2.1"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.2.2 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.2.2"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.3 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.3"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.3.1 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.3.1"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.3.2 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.3.2"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.4 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.4"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.5 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.5"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.5.1 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.5.1"		-		Affected
Apple Search vendor "Apple"		Apple Remote Desktop Search vendor "Apple" for product "Apple Remote Desktop"				3.5.2 Search vendor "Apple" for product "Apple Remote Desktop" and version "3.5.2"		-		Affected
Apple Search vendor "Apple"		Mac Os X Search vendor "Apple" for product "Mac Os X"				<= 10.8.5 Search vendor "Apple" for product "Mac Os X" and version " <= 10.8.5"		supplemental_update		Affected
Apple Search vendor "Apple"		Mac Os X Search vendor "Apple" for product "Mac Os X"				10.8.0 Search vendor "Apple" for product "Mac Os X" and version "10.8.0"		-		Affected
Apple Search vendor "Apple"		Mac Os X Search vendor "Apple" for product "Mac Os X"				10.8.1 Search vendor "Apple" for product "Mac Os X" and version "10.8.1"		-		Affected
Apple Search vendor "Apple"		Mac Os X Search vendor "Apple" for product "Mac Os X"				10.8.2 Search vendor "Apple" for product "Mac Os X" and version "10.8.2"		-		Affected
Apple Search vendor "Apple"		Mac Os X Search vendor "Apple" for product "Mac Os X"				10.8.3 Search vendor "Apple" for product "Mac Os X" and version "10.8.3"		-		Affected
Apple Search vendor "Apple"		Mac Os X Search vendor "Apple" for product "Mac Os X"				10.8.4 Search vendor "Apple" for product "Mac Os X" and version "10.8.4"		-		Affected
Apple Search vendor "Apple"		Mac Os X Search vendor "Apple" for product "Mac Os X"				10.8.5 Search vendor "Apple" for product "Mac Os X" and version "10.8.5"		-		Affected