CVE-2013-0969

MEDIUM

Description

Login Window in Apple Mac OS X before 10.8.3 does not prevent application launching with the VoiceOver feature, which allows physically proximate attackers to bypass authentication and make arbitrary System Preferences changes via unspecified use of the keyboard.

References

http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html

Details

Source: MITRE

Published: 2013-03-15

Updated: 2013-03-18

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:C/A:N

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM