CVE Vulnerabilities

CVE-2013-0966

Published: Mar 15, 2013 | Modified: Mar 18, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.

Affected Software

Name Vendor Start Version End Version
Mac_os_x Apple 10.6.8 10.6.8
Mac_os_x_server Apple 10.6.8 10.6.8

References