Privacy Flaw in CFNetwork Affects Apple Mac OS X Safari
CVE-2013-0982

Currently unrated

Key Information:

Vendor: Apple
Status: Mac Os X Server; Mac Os X
Vendor: CVE Published:; 5 June 2013

What is CVE-2013-0982?

A privacy vulnerability exists in the CFNetwork component of Apple Mac OS X prior to version 10.8.4, affecting the Private Browsing feature in Safari. This flaw permits the storage of permanent cookies even after users exit the application, which could allow physically proximate attackers to exploit unattended stations and bypass cookie-based authentication mechanisms. Consequently, this presents risks related to unauthorized access and data exposure, emphasizing the importance of vigilance and endpoint security measures.

References

http://support.apple.com/kb/HT5784

x_refsource_CONFIRM

http://lists.apple.com/archives/security-announce/2013/Ju...

vendor-advisoryx_refsource_APPLE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 5, 2013