Lucene search

[email protected]CVE-2009-0012

HistoryFeb 13, 2009 - 12:30 a.m.

CVE-2009-0012

2009-02-1300:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-0012

heap-based buffer overflow

coretext

apple

mac os x 10.5.6

remote code execution

unicode string

security vulnerability

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.13 Low

EPSS

Percentile

95.5%

JSON

Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.

CPENameOperatorVersion
apple:mac_os_xapple mac os xeq10.5.6
apple:mac_os_x_serverapple mac os x servereq10.5.6

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	eq	10.5.6
apple:mac_os_x_server	apple mac os x server	eq	10.5.6

References

lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

osvdb.org/51977

secunia.com/advisories/33937

support.apple.com/kb/HT3438

www.securityfocus.com/bid/33759

www.securityfocus.com/bid/33809

www.vupen.com/english/advisories/2009/0422

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.13 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2009-0012

prion1 seebug1 openvas2 nessus1