The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2013-03-15T01:00:00Z

Updated: 2024-09-17T02:31:07.307Z

Reserved: 2013-01-10T00:00:00Z

Link: CVE-2013-0966

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2013-03-15T20:55:10.697

Modified: 2013-03-18T16:52:40.747

Link: CVE-2013-0966

cve-icon Redhat

No data.