Lucene search

[email protected]CVE-2009-2838

HistoryNov 10, 2009 - 7:30 p.m.

CVE-2009-2838

2009-11-1019:30:01

CWE-189

[email protected]

web.nvd.nist.gov

cve-2009-2838

quicklook

apple mac os x

integer overflow

remote code execution

denial of service

buffer overflow

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

Integer overflow in QuickLook in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document that triggers a buffer overflow.

Affected configurations

NVD

Node

applemac_os_xMatch10.5.8

applemac_os_xMatch10.5.8server

CPENameOperatorVersion
apple:mac_os_xapple mac os xeq10.5.8

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	eq	10.5.8

References

lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

support.apple.com/kb/HT3937

www.securityfocus.com/bid/36956

www.vupen.com/english/advisories/2009/3184

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

Related for CVE-2009-2838

cvelist1 prion1 nvd1 seebug1 nessus1 openvas2