CVE-2009-2837

2009-11-1019:30:01

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.02

Percentile

88.9%

JSON

Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.

Affected configurations

Nvd

Node

applemac_os_xMatch10.5.8

applemac_os_xMatch10.5.8server

applemac_os_xMatch10.6

applemac_os_xMatch10.6server

applemac_os_xMatch10.6.1

applemac_os_xMatch10.6.1server

VendorProductVersionCPE
applemac_os_x10.5.8cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
applemac_os_x10.5.8cpe:2.3:o:apple:mac_os_x:10.5.8:*:server:*:*:*:*:*
applemac_os_x10.6cpe:2.3:o:apple:mac_os_x:10.6:*:*:*:*:*:*:*
applemac_os_x10.6cpe:2.3:o:apple:mac_os_x:10.6:server:*:*:*:*:*:*
applemac_os_x10.6.1cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
applemac_os_x10.6.1cpe:2.3:o:apple:mac_os_x:10.6.1:*:server:*:*:*:*:*

Vendor	Product	Version	CPE
apple	mac_os_x	10.5.8	cpe:2.3:o:apple:mac_os_x:10.5.8:::::::*
apple	mac_os_x	10.5.8	cpe:2.3:o:apple:mac_os_x:10.5.8::server:::::
apple	mac_os_x	10.6	cpe:2.3:o:apple:mac_os_x:10.6:::::::*
apple	mac_os_x	10.6	cpe:2.3:o:apple:mac_os_x:10.6:server::::::
apple	mac_os_x	10.6.1	cpe:2.3:o:apple:mac_os_x:10.6.1:::::::*
apple	mac_os_x	10.6.1	cpe:2.3:o:apple:mac_os_x:10.6.1::server:::::