Lucene search

PRIOn knowledge basePRION:CVE-2010-3790

HistoryNov 16, 2010 - 10:00 p.m.

Design/Logic Flaw

2010-11-1622:00:00

PRIOn knowledge base

www.prio-n.com

8.3 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.078 Low

EPSS

Percentile

94.0%

JSON

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary.

CPENameOperatorVersion
mac_os_xeq10.6.0
mac_os_xeq10.6.1
mac_os_xeq10.6.2
mac_os_xeq10.6.3
mac_os_xeq10.6.4
mac_os_x_servereq10.6.0
mac_os_x_servereq10.6.1
mac_os_x_servereq10.6.2
mac_os_x_servereq10.6.3
mac_os_x_servereq10.6.4

Name	Operator	Version
mac_os_x	eq	10.6.0
mac_os_x	eq	10.6.1
mac_os_x	eq	10.6.2
mac_os_x	eq	10.6.3
mac_os_x	eq	10.6.4
mac_os_x_server	eq	10.6.0
mac_os_x_server	eq	10.6.1
mac_os_x_server	eq	10.6.2
mac_os_x_server	eq	10.6.3
mac_os_x_server	eq	10.6.4

References

lists.apple.com/archives/security-announce/2010//Dec/msg00000.html

lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

lists.apple.com/archives/security-announce/2011//Jun/msg00000.html

support.apple.com/kb/HT4435

support.apple.com/kb/HT4447

support.apple.com/kb/HT4723

www.securityfocus.com/bid/44794

www.securitytracker.com/id?1024729

www.zerodayinitiative.com/advisories/ZDI-11-038/

8.3 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.078 Low

EPSS

Percentile

94.0%

JSON

Related for PRION:CVE-2010-3790