What is the severity of CVE-2013-0978?

CVE-2013-0978 has been rated as a moderate severity vulnerability due to its potential to bypass ASLR protection.

How do I fix CVE-2013-0978?

To mitigate CVE-2013-0978, update your iOS device to at least version 6.1.3 or later.

What versions of iOS are affected by CVE-2013-0978?

CVE-2013-0978 affects all versions of iOS before 6.1.3 and Apple TV versions before 5.2.1.

Who can exploit CVE-2013-0978?

Local users with access to the affected devices can exploit CVE-2013-0978 to bypass security mechanisms.

What is ASLR and how is it related to CVE-2013-0978?

Address Space Layout Randomization (ASLR) is a security feature that CVE-2013-0978 can bypass, potentially allowing unauthorized code execution.

Vulnerability/
CVE-2013-0978

low

2.1

CWE

200

20/3/2013

26/9/2019

CVE-2013-0978: Infoleak

First published: Wed Mar 20 2013(Updated: )

The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code.

Credit: product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iPhone OS	<=6.1.2
Apple iPhone OS	=1.0.0
Apple iPhone OS	=1.0.1
Apple iPhone OS	=1.0.2
Apple iPhone OS	=1.1.0
Apple iPhone OS	=1.1.0
Apple iPhone OS	=1.1.1
Apple iPhone OS	=1.1.2
Apple iPhone OS	=1.1.2
Apple iPhone OS	=1.1.3
Apple iPhone OS	=1.1.3
Apple iPhone OS	=1.1.4
Apple iPhone OS	=1.1.4
Apple iPhone OS	=1.1.5
Apple iPhone OS	=1.1.5
Apple iPhone OS	=2.0
Apple iPhone OS	=2.0.0
Apple iPhone OS	=2.0.0
Apple iPhone OS	=2.0.1
Apple iPhone OS	=2.0.1
Apple iPhone OS	=2.0.2
Apple iPhone OS	=2.0.2
Apple iPhone OS	=2.1
Apple iPhone OS	=2.1
Apple iPhone OS	=2.1.1
Apple iPhone OS	=2.2
Apple iPhone OS	=2.2
Apple iPhone OS	=2.2.1
Apple iPhone OS	=2.2.1
Apple iPhone OS	=3.0
Apple iPhone OS	=3.0
Apple iPhone OS	=3.0.1
Apple iPhone OS	=3.0.1
Apple iPhone OS	=3.1
Apple iPhone OS	=3.1
Apple iPhone OS	=3.1.2
Apple iPhone OS	=3.1.2
Apple iPhone OS	=3.1.3
Apple iPhone OS	=3.1.3
Apple iPhone OS	=3.2
Apple iPhone OS	=3.2
Apple iPhone OS	=3.2.1
Apple iPhone OS	=3.2.1
Apple iPhone OS	=3.2.2
Apple iPhone OS	=4.0
Apple iPhone OS	=4.0
Apple iPhone OS	=4.0.1
Apple iPhone OS	=4.0.1
Apple iPhone OS	=4.0.2
Apple iPhone OS	=4.1
Apple iPhone OS	=4.2.1
Apple iPhone OS	=4.2.5
Apple iPhone OS	=4.2.8
Apple iPhone OS	=4.3.0
Apple iPhone OS	=4.3.1
Apple iPhone OS	=4.3.2
Apple iPhone OS	=4.3.3
Apple iPhone OS	=4.3.5
Apple iPhone OS	=4.3.5
Apple iPhone OS	=4.3.5
Apple iPhone OS	=5.0
Apple iPhone OS	=5.0
Apple iPhone OS	=5.0
Apple iPhone OS	=5.0.1
Apple iPhone OS	=5.0.1
Apple iPhone OS	=5.0.1
Apple iPhone OS	=5.1
Apple iPhone OS	=5.1.1
Apple iPhone OS	=6.0
Apple iPhone OS	=6.0.1
Apple iPhone OS	=6.0.2
Apple iPhone OS	=6.1
tvOS	<=5.2.0
tvOS	=1.0.0
tvOS	=1.1.0
tvOS	=2.0.0
tvOS	=2.0.1
tvOS	=2.0.2
tvOS	=2.1.0
tvOS	=2.2.0
tvOS	=2.3.0
tvOS	=2.3.1
tvOS	=2.4.0
tvOS	=3.0.0
tvOS	=3.0.1
tvOS	=3.0.2
tvOS	=4.1.0
tvOS	=4.1.1
tvOS	=4.2.0
tvOS	=4.2.1
tvOS	=4.2.2
tvOS	=4.3.0
tvOS	=4.4.0
tvOS	=4.4.2
tvOS	=4.4.3
tvOS	=4.4.4
tvOS	=5.0.0
tvOS	=5.0.1
tvOS	=5.0.2
tvOS	=5.1.0
tvOS	=5.1.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-0978?
CVE-2013-0978 has been rated as a moderate severity vulnerability due to its potential to bypass ASLR protection.
How do I fix CVE-2013-0978?
To mitigate CVE-2013-0978, update your iOS device to at least version 6.1.3 or later.
What versions of iOS are affected by CVE-2013-0978?
CVE-2013-0978 affects all versions of iOS before 6.1.3 and Apple TV versions before 5.2.1.
Who can exploit CVE-2013-0978?
Local users with access to the affected devices can exploit CVE-2013-0978 to bypass security mechanisms.
What is ASLR and how is it related to CVE-2013-0978?
Address Space Layout Randomization (ASLR) is a security feature that CVE-2013-0978 can bypass, potentially allowing unauthorized code execution.

agent/references
agent/type
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/author
agent/severity
agent/weakness
agent/tags
agent/description
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
vendor/apple
canonical/apple iphone os
version/apple iphone os/6.1.2
version/apple iphone os/1.0.0
version/apple iphone os/1.0.1
version/apple iphone os/1.0.2
version/apple iphone os/1.1.0
version/apple iphone os/1.1.1
version/apple iphone os/1.1.2
version/apple iphone os/1.1.3
version/apple iphone os/1.1.4
version/apple iphone os/1.1.5
version/apple iphone os/2.0
version/apple iphone os/2.0.0
version/apple iphone os/2.0.1
version/apple iphone os/2.0.2
version/apple iphone os/2.1
version/apple iphone os/2.1.1
version/apple iphone os/2.2
version/apple iphone os/2.2.1
version/apple iphone os/3.0
version/apple iphone os/3.0.1
version/apple iphone os/3.1
version/apple iphone os/3.1.2
version/apple iphone os/3.1.3
version/apple iphone os/3.2
version/apple iphone os/3.2.1
version/apple iphone os/3.2.2
version/apple iphone os/4.0
version/apple iphone os/4.0.1
version/apple iphone os/4.0.2
version/apple iphone os/4.1
version/apple iphone os/4.2.1
version/apple iphone os/4.2.5
version/apple iphone os/4.2.8
version/apple iphone os/4.3.0
version/apple iphone os/4.3.1
version/apple iphone os/4.3.2
version/apple iphone os/4.3.3
version/apple iphone os/4.3.5
version/apple iphone os/5.0
version/apple iphone os/5.0.1
version/apple iphone os/5.1
version/apple iphone os/5.1.1
version/apple iphone os/6.0
version/apple iphone os/6.0.1
version/apple iphone os/6.0.2
version/apple iphone os/6.1
canonical/tvos
version/tvos/5.2.0
version/tvos/1.0.0
version/tvos/1.1.0
version/tvos/2.0.0
version/tvos/2.0.1
version/tvos/2.0.2
version/tvos/2.1.0
version/tvos/2.2.0
version/tvos/2.3.0
version/tvos/2.3.1
version/tvos/2.4.0
version/tvos/3.0.0
version/tvos/3.0.1
version/tvos/3.0.2
version/tvos/4.1.0
version/tvos/4.1.1
version/tvos/4.2.0
version/tvos/4.2.1
version/tvos/4.2.2
version/tvos/4.3.0
version/tvos/4.4.0
version/tvos/4.4.2
version/tvos/4.4.3
version/tvos/4.4.4
version/tvos/5.0.0
version/tvos/5.0.1
version/tvos/5.0.2
version/tvos/5.1.0
version/tvos/5.1.1

CVE-2013-0978: Infoleak

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-0978?

How do I fix CVE-2013-0978?

What versions of iOS are affected by CVE-2013-0978?

Who can exploit CVE-2013-0978?

What is ASLR and how is it related to CVE-2013-0978?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2013-0978?

How do I fix CVE-2013-0978?

What versions of iOS are affected by CVE-2013-0978?

Who can exploit CVE-2013-0978?

What is ASLR and how is it related to CVE-2013-0978?