Lucene search

[email protected]CVE-2009-1726

HistoryAug 06, 2009 - 4:30 p.m.

CVE-2009-1726

2009-08-0616:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-1726

colorsync

buffer overflow

mac os x

remote code execution

denial of service

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.127 Low

EPSS

Percentile

95.4%

JSON

Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile.

CPENameOperatorVersion
apple:mac_os_xapple mac os xeq10.5.2
apple:mac_os_x_serverapple mac os x servereq10.5.2
apple:mac_os_xapple mac os xeq10.5.6
apple:mac_os_x_serverapple mac os x servereq10.4.11
apple:mac_os_xapple mac os xeq10.5.5
apple:mac_os_x_serverapple mac os x servereq10.5.5
apple:mac_os_xapple mac os xeq10.5.1
apple:mac_os_x_serverapple mac os x servereq10.5.1
apple:mac_os_x_serverapple mac os x servereq10.5.6
apple:mac_os_xapple mac os xeq10.5.3

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	eq	10.5.2
apple:mac_os_x_server	apple mac os x server	eq	10.5.2
apple:mac_os_x	apple mac os x	eq	10.5.6
apple:mac_os_x_server	apple mac os x server	eq	10.4.11
apple:mac_os_x	apple mac os x	eq	10.5.5
apple:mac_os_x_server	apple mac os x server	eq	10.5.5
apple:mac_os_x	apple mac os x	eq	10.5.1
apple:mac_os_x_server	apple mac os x server	eq	10.5.1
apple:mac_os_x_server	apple mac os x server	eq	10.5.6
apple:mac_os_x	apple mac os x	eq	10.5.3

Rows per page:

1-10 of 201

References

lists.apple.com/archives/security-announce/2009/Aug/msg00001.html

lists.apple.com/archives/security-announce/2010//Jun/msg00002.html

lists.apple.com/archives/security-announce/2010/Jun/msg00000.html

osvdb.org/56845

secunia.com/advisories/36096

secunia.com/advisories/40105

secunia.com/advisories/40196

support.apple.com/kb/HT3757

support.apple.com/kb/HT4196

support.apple.com/kb/HT4220

www.securityfocus.com/bid/35954

www.securitytracker.com/id?1022674

www.us-cert.gov/cas/techalerts/TA09-218A.html

www.vupen.com/english/advisories/2009/2172

www.vupen.com/english/advisories/2010/1373

www.vupen.com/english/advisories/2010/1512

exchange.xforce.ibmcloud.com/vulnerabilities/52419

exchange.xforce.ibmcloud.com/vulnerabilities/59162

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7499

Social References

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.127 Low

EPSS

Percentile

95.4%

JSON

Related for CVE-2009-1726

prion1 threatpost2 nessus9 securityvulns4 openvas2 seebug1