VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 5, 2013· Updated Apr 29, 2026

CVE-2013-0982

CVE-2013-0982

Description

The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattended workstation.

Affected products

16
  • Apple Inc./Mac Os X10 versions
    cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*range: <=10.8.3
    • cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.7.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.7.4:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.7.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*
  • Apple Inc./Mac Os X Server6 versions
    cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x_server:10.7.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x_server:10.7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x_server:10.7.4:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x_server:10.7.5:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.