Lucene search

[email protected]CVE-2011-0198

HistoryJun 24, 2011 - 8:55 p.m.

CVE-2011-0198

2011-06-2420:55:02

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-0198

buffer overflow

apple type services

ats

mac os x

security vulnerability

truetype font

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.5%

JSON

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.

Affected configurations

NVD

Node

applemac_os_xMatch10.6.0

applemac_os_xMatch10.6.1

applemac_os_xMatch10.6.2

applemac_os_xMatch10.6.3

applemac_os_xMatch10.6.4

applemac_os_xMatch10.6.5

applemac_os_xMatch10.6.6

applemac_os_xMatch10.6.7

Node

applemac_os_x_serverMatch10.6.0

applemac_os_x_serverMatch10.6.1

applemac_os_x_serverMatch10.6.2

applemac_os_x_serverMatch10.6.3

applemac_os_x_serverMatch10.6.4

applemac_os_x_serverMatch10.6.5

applemac_os_x_serverMatch10.6.6

applemac_os_x_serverMatch10.6.7

CPENameOperatorVersion
apple:mac_os_xapple mac os xeq10.6.0
apple:mac_os_xapple mac os xeq10.6.1
apple:mac_os_xapple mac os xeq10.6.2
apple:mac_os_xapple mac os xeq10.6.3
apple:mac_os_xapple mac os xeq10.6.4
apple:mac_os_xapple mac os xeq10.6.5
apple:mac_os_xapple mac os xeq10.6.6
apple:mac_os_xapple mac os xeq10.6.7

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	eq	10.6.0
apple:mac_os_x	apple mac os x	eq	10.6.1
apple:mac_os_x	apple mac os x	eq	10.6.2
apple:mac_os_x	apple mac os x	eq	10.6.3
apple:mac_os_x	apple mac os x	eq	10.6.4
apple:mac_os_x	apple mac os x	eq	10.6.5
apple:mac_os_x	apple mac os x	eq	10.6.6
apple:mac_os_x	apple mac os x	eq	10.6.7