Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 Greenbone AGOPENVAS:1361412562310802146
HistorySep 07, 2011 - 12:00 a.m.

Apple Mac OS X iWork 9.1 Update

2011-09-0700:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
52

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

High

EPSS

0.293

Percentile

97.0%

JSON

This host is missing an important security update according to
Mac OS X iWork 9.1 Update.

# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:apple:keynote";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.802146");
  script_version("2023-07-28T05:05:23+0000");
  script_tag(name:"last_modification", value:"2023-07-28 05:05:23 +0000 (Fri, 28 Jul 2023)");
  script_tag(name:"creation_date", value:"2011-09-07 08:36:57 +0200 (Wed, 07 Sep 2011)");
  script_cve_id("CVE-2010-3785", "CVE-2010-3786", "CVE-2011-1417");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_name("Apple Mac OS X iWork 9.1 Update");
  script_copyright("Copyright (C) 2011 Greenbone AG");
  script_category(ACT_GATHER_INFO);
  script_family("Mac OS X Local Security Checks");
  script_dependencies("gb_iwork_detect_macosx.nasl");
  script_mandatory_keys("apple/iwork/keynote/detected");

  script_xref(name:"URL", value:"http://support.apple.com/kb/HT4684");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/44799");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/44812");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46832");
  script_xref(name:"URL", value:"http://lists.apple.com/archives/security-announce//2011//Jul/msg00003.html");
  script_xref(name:"URL", value:"http://support.apple.com/downloads/DL1097/en_US/iWork9.1Update.dmg");

  script_tag(name:"impact", value:"Successful exploitation could allow attackers to opening a maliciously
  crafted files, which leads to an unexpected application termination or arbitrary code execution.");

  script_tag(name:"affected", value:"Mac OS X iWork version 9.0 through 9.0.5.");

  script_tag(name:"insight", value:"The flaws are due to

  - a buffer overflow error, while handling the 'Excel' files.

  - a memory corruption issue, while handling the 'Excel' files and Microsoft
  Word documents.");

  script_tag(name:"solution", value:"Apply the update from the referenced link.");

  script_tag(name:"summary", value:"This host is missing an important security update according to
  Mac OS X iWork 9.1 Update.");

  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];

## Refer below wiki link for version mapping
## http://en.wikipedia.org/wiki/IWork
## After installing the update, keynote version will gets update
if(version_in_range(version:vers, test_version:"5.0", test_version2:"5.0.5")) {
  report = report_fixed_ver(installed_version:vers, fixed_version:"5.1.1 (Note: this is the version of Keynote shipped with the fixed iWork 9.1)", install_path:path);
  security_message(port:0, data:report);
  exit(0);
}

exit(99);

Related

securityvulns 11
nessus 6
openvas 5
cvelist 3
prion 3
seebug 5
nvd 3
cve 3
zdi 1
securityvulns
securityvulns
Apple iWork multiple security vulnerabilities
2011-07-26 00:00:00
APPLE-SA-2011-07-20-2 iWork 9.1 Update
2011-07-26 00:00:00
APPLE-SA-2011-10-12-6 Numbers for iOS v1.5
2011-10-15 00:00:00
nessus
nessus
Mac OS X : iWork 9.x < 9.1 Multiple Vulnerabilities
2011-07-26 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2011-001)
2011-03-22 00:00:00
Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities
2011-03-22 00:00:00
openvas
openvas
Apple Mac OS X iWork 9.1 Update
2011-09-07 00:00:00
Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
2011-09-07 00:00:00
Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
2011-09-07 00:00:00
cvelist
cvelist
CVE-2010-3785
2010-11-16 21:00:00
CVE-2010-3786
2010-11-16 21:00:00
CVE-2011-1417
2011-03-11 17:00:00
prion
prion
Buffer overflow
2010-11-16 22:00:00
Memory corruption
2010-11-16 22:00:00
Integer overflow
2011-03-11 17:55:00
seebug
seebug
Apple iWork Numbers/Pages多个漏洞(CVE-2010-3785)
2011-07-28 00:00:00
Apple Mobile Safari for iOS 4.2.1远程代码执行漏洞
2011-04-24 00:00:00
Apple Safari OfficeArtBlip解析远程代码执行漏洞
2011-03-29 00:00:00
nvd
nvd
CVE-2010-3785
2010-11-16 22:00:16
CVE-2010-3786
2010-11-16 22:00:16
CVE-2011-1417
2011-03-11 17:55:03
cve
cve
CVE-2010-3785
2010-11-16 22:00:16
CVE-2011-1417
2011-03-11 17:55:03
CVE-2010-3786
2010-11-16 22:00:16
zdi
zdi
(Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability
2011-03-22 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

High

EPSS

0.293

Percentile

97.0%

JSON
Related for OPENVAS:1361412562310802146
securityvulns11nessus6openvas5cvelist3prion3seebug5nvd3cve3zdi1