Lucene search
PRIOn knowledge basePRION:CVE-2011-3446HistoryFeb 02, 2012 - 6:55 p.m.
Code injection
2012-02-0218:55:00
PRIOn knowledge base
www.prio-n.com
8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.1%
Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mac_os_x | eq | 10.7.0 | |
| mac_os_x | le | 10.7.2 | |
| mac_os_x | eq | 10.7.1 | |
| mac_os_x_server | le | 10.7.2 | |
| mac_os_x_server | eq | 10.7.1 | |
| mac_os_x_server | eq | 10.7.0 |
References
Related
cert
cert
Apple Mac OS X ATS data-font memory corruption vulnerability
2012-02-02 00:00:00
seebug
seebug
Apple Mac OS X Apple Type Services ".dfont"字体文件内存破坏漏洞
2012-02-04 00:00:00
cve
cve
CVE-2011-3446
2012-02-02 18:55:00
cisa
cisa
Apple Releases Multiple Security Updates
2012-02-02 00:00:00
nessus
nessus
Mac OS X Multiple Vulnerabilities (Security Update 2012-001) (BEAST)
2012-02-02 00:00:00
Mac OS X 10.7.x < 10.7.3 Multiple Vulnerabilities (BEAST)
2012-02-02 00:00:00
8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.1%
Related for PRION:CVE-2011-3446