Lucene search

K
cveMitreCVE-2009-1726
HistoryAug 06, 2009 - 4:30 p.m.

CVE-2009-1726

2009-08-0616:30:00
CWE-119
mitre
web.nvd.nist.gov
35
2
cve-2009-1726
colorsync
buffer overflow
mac os x
remote code execution
denial of service

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.209

Percentile

96.5%

Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile.

Affected configurations

Nvd
Node
applemac_os_xMatch10.5.6
OR
applemac_os_xMatch10.4.11
OR
applemac_os_xMatch10.5
OR
applemac_os_xMatch10.5.0
OR
applemac_os_xMatch10.5.1
OR
applemac_os_xMatch10.5.2
OR
applemac_os_xMatch10.5.22008-002
OR
applemac_os_xMatch10.5.3
OR
applemac_os_xMatch10.5.4
OR
applemac_os_xMatch10.5.5
OR
applemac_os_xMatch10.5.6
OR
applemac_os_xMatch10.5.7
OR
applemac_os_x_serverMatch10.4.11
OR
applemac_os_x_serverMatch10.5
OR
applemac_os_x_serverMatch10.5.0
OR
applemac_os_x_serverMatch10.5.1
OR
applemac_os_x_serverMatch10.5.2
OR
applemac_os_x_serverMatch10.5.3
OR
applemac_os_x_serverMatch10.5.4
OR
applemac_os_x_serverMatch10.5.5
OR
applemac_os_x_serverMatch10.5.6
OR
applemac_os_x_serverMatch10.5.7
VendorProductVersionCPE
applemac_os_x_server10.5.5cpe:/o:apple:mac_os_x_server:10.5.5:::
applemac_os_x10.5.2cpe:/o:apple:mac_os_x:10.5.2:2008-002::
applemac_os_x_server10.5.1cpe:/o:apple:mac_os_x_server:10.5.1:::
applemac_os_x10.5.7cpe:/o:apple:mac_os_x:10.5.7:::
applemac_os_x_server10.5.2cpe:/o:apple:mac_os_x_server:10.5.2:::
applemac_os_x10.5.0cpe:/o:apple:mac_os_x:10.5.0:::
applemac_os_x10.5.6cpe:/a:apple:mac_os_x:10.5.6:::
applemac_os_x_server10.5.4cpe:/o:apple:mac_os_x_server:10.5.4:::
applemac_os_x_server10.5.3cpe:/o:apple:mac_os_x_server:10.5.3:::
applemac_os_x10.5.4cpe:/o:apple:mac_os_x:10.5.4:::
Rows per page:
1-10 of 221

References

Social References

More

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.209

Percentile

96.5%