This vulnerability allows remote attackers to potentially disclose memory addresses on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how QuickTime.qts parses a data handler in specific atom within a .mov file. The application will utilize a string length to copy data into an heap buffer, if the string is of zero-length, the application will fail to copy anything and then proceed to use the uninitialized buffer as a string.
{"id": "ZDI-11-311", "vendorId": null, "type": "zdi", "bulletinFamily": "info", "title": "Apple Quicktime Empty URL Data Handler Remote Code Execution Vulnerability", "description": "This vulnerability allows remote attackers to potentially disclose memory addresses on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how QuickTime.qts parses a data handler in specific atom within a .mov file. The application will utilize a string length to copy data into an heap buffer, if the string is of zero-length, the application will fail to copy anything and then proceed to use the uninitialized buffer as a string.", "published": "2011-10-27T00:00:00", "modified": "2011-10-27T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-311/", "reporter": "Luigi Auriemma", "references": ["http://support.apple.com/kb/HT5002"], "cvelist": ["CVE-2011-3220"], "immutableFields": [], "lastseen": "2022-02-10T00:00:00", "viewCount": 10, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-3220"]}, {"type": "nessus", "idList": ["6039.PRM", "6052.PRM", "801196.PRM", "MACOSX_10_7_2.NASL", "MACOSX_SECUPD2011-006.NASL", "QUICKTIME_771.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310802198", "OPENVAS:1361412562310802336", "OPENVAS:802198", "OPENVAS:802336"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27155", "SECURITYVULNS:DOC:27218", "SECURITYVULNS:DOC:27224", "SECURITYVULNS:DOC:28389", "SECURITYVULNS:VULN:11973", "SECURITYVULNS:VULN:12002"]}, {"type": "seebug", "idList": ["SSV:23149"]}, {"type": "zdi", "idList": ["ZDI-12-136"]}], "rev": 4}, "score": {"value": 3.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2011-3220"]}, {"type": "nessus", "idList": ["801196.PRM"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310802198"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27155"]}, {"type": "zdi", "idList": ["ZDI-12-136"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2011-3220", "epss": "0.010870000", "percentile": "0.821000000", "modified": "2023-03-13"}], "vulnersScore": 3.1}, "_state": {"dependencies": 1647589307, "score": 1659697171, "epss": 1678800746}}
{"seebug": [{"lastseen": "2017-11-19T17:58:30", "description": "BUGTRAQ ID: 50130\r\nCVE ID: CVE-2011-3220\r\n\r\nQuickTime\u662f\u7531\u82f9\u679c\u7535\u8111\u6240\u5f00\u53d1\u7684\u4e00\u79cd\u591a\u5a92\u4f53\u67b6\u6784\uff0c\u80fd\u591f\u5904\u7406\u8bb8\u591a\u7684\u6570\u5b57\u89c6\u9891\u3001\u5a92\u4f53\u6bb5\u843d\u3001\u97f3\u6548\u3001\u6587\u5b57\u3001\u52a8\u753b\u3001\u97f3\u4e50\u683c\u5f0f\uff0c\u4ee5\u53ca\u4ea4\u4e92\u5f0f\u5168\u666f\u5f71\u50cf\u7684\u6570\u9879\u7c7b\u578b\u3002\r\n\r\nApple QuickTime\u5728\u5904\u7406\u89c6\u9891\u6587\u4ef6\u4e2d\u7684URL\u6570\u636e\u5904\u7406\u7a0b\u5e8f\u65f6\u5b58\u5728\u672a\u521d\u59cb\u5316\u5185\u5b58\u8bbf\u95ee\u95ee\u9898\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u8bfb\u53d6\u5185\u5b58\u5185\u5bb9\u3002\n\nApple QuickTime Player 7.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApple\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://support.apple.com/", "cvss3": {}, "published": "2011-10-28T00:00:00", "title": "Apple QuickTime\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-3220"], "modified": "2011-10-28T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-23149", "id": "SSV:23149", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "zdi": [{"lastseen": "2022-01-31T20:52:21", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within how the application handles a malformed atom type when playing a movie encoded with uncompressed audio. When decoding the audio sample the application will use a 16-bit length for allocating a buffer, and a different one for initializing it. This can cause memory corruption which can lead to code execution under the context of the application.", "cvss3": {}, "published": "2012-08-17T00:00:00", "type": "zdi", "title": "Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3220"], "modified": "2012-08-17T00:00:00", "id": "ZDI-12-136", "href": "https://www.zerodayinitiative.com/advisories/ZDI-12-136/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:45", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code\r\nExecution Vulnerability\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-12-136\r\nAugust 17, 2012\r\n\r\n- -- CVE ID:\r\nCVE-2011-3220\r\n\r\n- -- CVSS:\r\n7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P\r\n\r\n- -- Affected Vendors:\r\nApple\r\n\r\n- -- Affected Products:\r\nApple QuickTime\r\n\r\n- -- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Apple's QuickTime player. User interaction is\r\nrequired to exploit this vulnerability in that the target must visit a\r\nmalicious page.\r\n\r\nThe specific flaw exists within how the application handles a malformed\r\natom type when playing a movie encoded with uncompressed audio. When\r\ndecoding the audio sample the application will use a 16-bit length for\r\nallocating a buffer, and a different one for initializing it. This can\r\ncause memory corruption which can lead to code execution under the context\r\nof the application.\r\n\r\n- -- Vendor Response:\r\nApple has issued an update to correct this vulnerability. More details can\r\nbe found at:\r\nhttp://support.apple.com/kb/HT1222\r\n\r\n- -- Disclosure Timeline:\r\n2011-11-29 - Vulnerability reported to vendor\r\n2012-08-17 - Coordinated public release of advisory\r\n\r\n- -- Credit:\r\nThis vulnerability was discovered by:\r\n* Luigi Auriemma\r\n\r\n- -- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n\r\n http://twitter.com/thezdi\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: PGP Desktop 10.2.0 (Build 1950)\r\nCharset: utf-8\r\n\r\nwsBVAwUBUC5jalVtgMGTo1scAQLuNAf9H19sAiyxk8pcZQF5mIIUgYOgmDYL//oC\r\n3OJ5DoKa5/b6haVHagBOluLMP7epMRLH+9m2keVtbA8TN0/BGJV1W7sQh/rj6Hyg\r\n4hP95wuXU0lEMLwHqm1df3BIrlWcahiA47xsPCntim9qdMchrEKurI8koOCCT+k9\r\n9q6AWe5MpZNuGROSiOStBs+YCftZzjdGVyOx+1hJdH+XRBLlOZ438yMnJTB0y9BM\r\njo3ifV9OwOb3mMlkMOgVmSgvZVzSDkRPVS3ubuGcH+BY53ynbx7XwrmjbxZPvQIM\r\naNYov87jOUVQIS09/AN4yNqStb/ZQbFmpx6KaocJHmPBteA0tlToPA==\r\n=sqAI\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2012-08-20T00:00:00", "type": "securityvulns", "title": "ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-3220"], "modified": "2012-08-20T00:00:00", "id": "SECURITYVULNS:DOC:28389", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28389", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:42", "description": "ZDI-11-311 : Apple Quicktime Empty URL Data Handler Remote Code\r\nExecution Vulnerability\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-311\r\nOctober 27, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-3220\r\n\r\n-- CVSS:\r\n9, AV:N/AC:L/Au:N/C:P/I:P/A:C\r\n\r\n-- Affected Vendors:\r\n\r\nApple\r\n\r\n\r\n\r\n-- Affected Products:\r\n\r\nApple Quicktime\r\n\r\n\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11804.\r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to potentially disclose\r\nmemory addresses on vulnerable installations of Apple QuickTime Player.\r\nUser interaction is required to exploit this vulnerability in that the\r\ntarget must visit a malicious page or open a malicious file.\r\n\r\nThe specific flaw exists within how QuickTime.qts parses a data handler\r\nin specific atom within a .mov file. The application will utilize a\r\nstring length to copy data into an heap buffer, if the string is of\r\nzero-length, the application will fail to copy anything and then proceed\r\nto use the uninitialized buffer as a string.\r\n\r\n-- Vendor Response:\r\n\r\nApple has issued an update to correct this vulnerability. More details\r\ncan be found at:\r\n\r\nhttp://support.apple.com/kb/HT5002\r\n\r\n\r\n\r\n-- Disclosure Timeline:\r\n2011-05-12 - Vulnerability reported to vendor\r\n2011-10-27 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n\r\n* Luigi Auriemma\r\n\r\n\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n\r\n http://twitter.com/thezdi\r\n", "cvss3": {}, "published": "2011-10-31T00:00:00", "type": "securityvulns", "title": "ZDI-11-311 : Apple Quicktime Empty URL Data Handler Remote Code Execution Vulnerability", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-3220"], "modified": "2011-10-31T00:00:00", "id": "SECURITYVULNS:DOC:27224", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27224", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:42", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2011-10-26-1 QuickTime 7.7.1\r\n\r\nQuickTime 7.7.1 is now available and addresses the following:\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime's handling of\r\nH.264 encoded movie files. For OS X Lion systems, this issue is\r\naddressed in OS X Lion v10.7.2. For Mac OS X v10.6 systems, this\r\nissue is addressed in Security Update 2011-006.\r\nCVE-ID\r\nCVE-2011-3219 : Damian Put working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted movie file may lead to the\r\ndisclosure of memory contents\r\nDescription: An uninitialized memory access issue existed in\r\nQuickTime's handling of URL data handlers within movie files. For OS\r\nX Lion systems, this issue is addressed in OS X Lion v10.7.2. For Mac\r\nOS X v10.6 systems, this issue is addressed in Security Update\r\n2011-006.\r\nCVE-ID\r\nCVE-2011-3220 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An implementation issue existed in QuickTime's handling\r\nof the atom hierarchy within a movie file. For OS X Lion systems,\r\nthis issue is addressed in OS X Lion v10.7.2. For Mac OS X v10.6\r\nsystems, this issue is addressed in Security Update 2011-006.\r\nCVE-ID\r\nCVE-2011-3221 : an anonymous researcher working with TippingPoint's\r\nZero Day Initiative\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: An attacker in a privileged network position may inject\r\nscript in the local domain when viewing template HTML\r\nDescription: A cross-site scripting issue existed in QuickTime\r\nPlayer's "Save for Web" export. The template HTML files generated by\r\nthis feature referenced a script file from a non-encrypted origin. An\r\nattacker in a privileged network position may be able to inject\r\nmalicious scripts in the local domain if the user views a template\r\nfile locally. This issue is addressed by removing the reference to an\r\nonline script. This issue does not affect OS X Lion systems. For Mac\r\nOS X v10.6 systems, this issue is addressed in Security Update\r\n2011-006.\r\nCVE-ID\r\nCVE-2011-3218 : Aaron Sigel of vtty.com\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted FlashPix file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime's handling of\r\nFlashPix files. For OS X Lion systems, this issue is addressed in OS\r\nX Lion v10.7.2. For Mac OS X v10.6 systems, this issue is addressed\r\nin Security Update 2011-006.\r\nCVE-ID\r\nCVE-2011-3222 : Damian Put working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime's handling of\r\nFLIC files. For OS X Lion systems, this issue is addressed in OS X\r\nLion v10.7.2. For Mac OS X v10.6 systems, this issue is addressed in\r\nSecurity Update 2011-006.\r\nCVE-ID\r\nCVE-2011-3223 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in\r\nQuickTime's handling of movie files. For OS X Lion systems, these\r\nissues are addressed in OS X Lion v10.7.2. For Mac OS X v10.6\r\nsystems, these issues are addressed in Security Update 2011-006.\r\nCVE-ID\r\nCVE-2011-3228 : Apple\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted PICT file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An integer overflow issue existed in the handling of\r\nPICT files. This issue does not affect Mac OS X systems.\r\nCVE-ID\r\nCVE-2011-3247 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A signedness issue existed in the handling of font\r\ntables embedded in QuickTime movie files.\r\nCVE-ID\r\nCVE-2011-3248 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow issue existed in the handling of FLC\r\nencoded movie files.\r\nCVE-ID\r\nCVE-2011-3249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An integer overflow issue existed in the handling of\r\nJPEG2000 encoded movie files.\r\nCVE-ID\r\nCVE-2011-3250 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\nTKHD atoms in QuickTime movie files. This issue does not affect Mac\r\nOS X systems.\r\nCVE-ID\r\nCVE-2011-3251 : Damian Put working with TippingPoint's Zero Day\r\nInitiative\r\n\r\n\r\nQuickTime 7.7.1 may be obtained from the QuickTime Downloads site:\r\nhttp://www.apple.com/quicktime/download/\r\n\r\nThe download file is named: "QuickTimeInstaller.exe"\r\nIts SHA-1 digest is: 9bf0e5da752663d1b8d8a415f938dc2d3b04eee5\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\r\n\r\niQEcBAEBAgAGBQJOqH2VAAoJEGnF2JsdZQeecGQIAIY4HmK221wqZEuxnTFYZdnv\r\nCFnX2vc1cn22XODSXQV5x38zEd5RV1X/Crh3QcG/rSmhOKxckCJG5G4cRk9dNmdu\r\nvpaU3+cceDTWieSmgwZX0QRScqdn6+rMHzJqWnR8i1E+bfDKhB5fl4eB1IGmRnAk\r\nW4wZvUd06pMwSKm35d7whBBsiIz0gmIGz2Ktf7ft6wObHyy0Gq/eHWZFm2/VdX1p\r\nZ+gXnbKTsYsgSeE33IGqgbA6+yFpA41ueKqR6084n6aUWdpb7GHpTNI5v3h7Sq53\r\ni3BxkfDIOpgHyd7/G/b1Rmmv9k6fO64GCyvvuxr6laIstfCPYqROoajx1tsFStU=\r\n=LmVu\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2011-10-31T00:00:00", "type": "securityvulns", "title": "APPLE-SA-2011-10-26-1 QuickTime 7.7.1", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-3221", "CVE-2011-3249", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3248", "CVE-2011-3220", "CVE-2011-3228", "CVE-2011-3247", "CVE-2011-3251", "CVE-2011-3219", "CVE-2011-3250", "CVE-2011-3218"], "modified": "2011-10-31T00:00:00", "id": "SECURITYVULNS:DOC:27218", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27218", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:10:38", "description": "Multiple memory corruption on different multimedia formats parsing, crossite scripting.", "cvss3": {}, "published": "2012-08-20T00:00:00", "type": "securityvulns", "title": "Apple QuickTime multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-3221", "CVE-2011-3249", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3248", "CVE-2011-3220", "CVE-2011-3228", "CVE-2011-3247", "CVE-2011-3251", "CVE-2011-3219", "CVE-2011-3250", "CVE-2011-3218"], "modified": "2012-08-20T00:00:00", "id": "SECURITYVULNS:VULN:12002", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12002", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:42", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006\r\n\r\nOS X Lion v10.7.2 and Security Update 2011-006 is now available and\r\naddresses the following:\r\n\r\nApache\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in Apache\r\nDescription: Apache is updated to version 2.2.20 to address several\r\nvulnerabilities, the most serious of which may lead to a denial of\r\nservice. CVE-2011-0419 does not affect OS X Lion systems. Further\r\ninformation is available via the Apache web site at\r\nhttp://httpd.apache.org/\r\nCVE-ID\r\nCVE-2011-0419\r\nCVE-2011-3192\r\n\r\nApplication Firewall\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Executing a binary with a maliciously crafted name may lead\r\nto arbitrary code execution with elevated privileges\r\nDescription: A format string vulnerability existed in Application\r\nFirewall's debug logging.\r\nCVE-ID\r\nCVE-2011-0185 : an anonymous reporter\r\n\r\nATS\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing or downloading a document containing a maliciously\r\ncrafted embedded font may lead to arbitrary code execution\r\nDescription: A signedness issue existed in ATS' handling of Type 1\r\nfonts. This issue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3437\r\n\r\nATS\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing or downloading a document containing a maliciously\r\ncrafted embedded font may lead to arbitrary code execution\r\nDescription: An out of bounds memory access issue existed in ATS'\r\nhandling of Type 1 fonts. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0229 : Will Dormann of the CERT/CC\r\n\r\nATS\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Applications which use the ATSFontDeactivate API may be\r\nvulnerable to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: A buffer overflow issue existed in the\r\nATSFontDeactivate API.\r\nCVE-ID\r\nCVE-2011-0230 : Steven Michaud of Mozilla\r\n\r\nBIND\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in BIND 9.7.3\r\nDescription: Multiple denial of service issues existed in BIND\r\n9.7.3. These issues are addressed by updating BIND to version\r\n9.7.3-P3.\r\nCVE-ID\r\nCVE-2011-1910\r\nCVE-2011-2464\r\n\r\nBIND\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in BIND\r\nDescription: Multiple denial of service issues existed in BIND.\r\nThese issues are addressed by updating BIND to version 9.6-ESV-R4-P3.\r\nCVE-ID\r\nCVE-2009-4022\r\nCVE-2010-0097\r\nCVE-2010-3613\r\nCVE-2010-3614\r\nCVE-2011-1910\r\nCVE-2011-2464\r\n\r\nCertificate Trust Policy\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1.\r\nImpact: Root certificates have been updated\r\nDescription: Several trusted certificates were added to the list of\r\nsystem roots. Several existing certificates were updated to their\r\nmost recent version. The complete list of recognized system roots may\r\nbe viewed via the Keychain Access application.\r\n\r\nCFNetwork\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Safari may store cookies it is not configured to accept\r\nDescription: A synchronization issue existed in CFNetwork's handling\r\nof cookie policies. Safari's cookie preferences may not be honored,\r\nallowing websites to set cookies that would be blocked were the\r\npreference enforced. This update addresses the issue through improved\r\nhandling of cookie storage.\r\nCVE-ID\r\nCVE-2011-0231 : Martin Tessarek, Steve Riggins of Geeks R Us, Justin\r\nC. Walker, and Stephen Creswell\r\n\r\nCFNetwork\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of sensitive information\r\nDescription: An issue existed in CFNetwork's handling of HTTP\r\ncookies. When accessing a maliciously crafted HTTP or HTTPS URL,\r\nCFNetwork could incorrectly send the cookies for a domain to a server\r\noutside that domain. This issue does not affect systems prior to OS X\r\nLion.\r\nCVE-ID\r\nCVE-2011-3246 : Erling Ellingsen of Facebook\r\n\r\nCoreFoundation\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted website or e-mail message may\r\nlead to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: A memory corruption issue existed in CoreFoundation's\r\nhandling of string tokenization. This issue does not affect OS X Lion\r\nsystems. This update addresses the issue through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2011-0259 : Apple\r\n\r\nCoreMedia\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of video data from another site\r\nDescription: A cross-origin issue existed in CoreMedia's handling of\r\ncross-site redirects. This issue is addressed through improved origin\r\ntracking.\r\nCVE-ID\r\nCVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability\r\nResearch (MSVR)\r\n\r\nCoreMedia\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of QuickTime movie files. These issues do not affect OS X\r\nLion systems.\r\nCVE-ID\r\nCVE-2011-0224 : Apple\r\n\r\nCoreProcesses\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A person with physical access to a system may partially\r\nbypass the screen lock\r\nDescription: A system window, such as a VPN password prompt, that\r\nappeared while the screen was locked may have accepted keystrokes\r\nwhile the screen was locked. This issue is addressed by preventing\r\nsystem windows from requesting keystrokes while the screen is locked.\r\nThis issue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-0260 : Clint Tseng of the University of Washington, Michael\r\nKobb, and Adam Kemp\r\n\r\nCoreStorage\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Converting to FileVault does not erase all existing data\r\nDescription: After enabling FileVault, approximately 250MB at the\r\nstart of the volume was left unencrypted on the disk in an unused\r\narea. Only data which was present on the volume before FileVault was\r\nenabled was left unencrypted. This issue is addressed by erasing this\r\narea when enabling FileVault, and on the first use of an encrypted\r\nvolume affected by this issue. This issue does not affect systems\r\nprior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3212 : Judson Powers of ATC-NY\r\n\r\nFile Systems\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: An attacker in a privileged network position may manipulate\r\nHTTPS server certificates, leading to the disclosure of sensitive\r\ninformation\r\nDescription: An issue existed in the handling of WebDAV volumes on\r\nHTTPS servers. If the server presented a certificate chain that could\r\nnot be automatically verified, a warning was displayed and the\r\nconnection was closed. If the user clicked the "Continue" button in\r\nthe warning dialog, any certificate was accepted on the following\r\nconnection to that server. An attacker in a privileged network\r\nposition may have manipulated the connection to obtain sensitive\r\ninformation or take action on the server on the user's behalf. This\r\nupdate addresses the issue by validating that the certificate\r\nreceived on the second connection is the same certificate originally\r\npresented to the user.\r\nCVE-ID\r\nCVE-2011-3213 : Apple\r\n\r\nIOGraphics\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: A person with physical access may be able to bypass the\r\nscreen lock\r\nDescription: An issue existed with the screen lock when used with\r\nApple Cinema Displays. When a password is required to wake from\r\nsleep, a person with physical access may be able to access the system\r\nwithout entering a password if the system is in display sleep mode.\r\nThis update addresses the issue by ensuring that the lock screen is\r\ncorrectly activated in display sleep mode. This issue does not affect\r\nOS X Lion systems.\r\nCVE-ID\r\nCVE-2011-3214 : Apple\r\n\r\niChat Server\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: A remote attacker may cause the Jabber server to consume\r\nsystem resources disproportionately\r\nDescription: An issue existed in the handling of XML external\r\nentities in jabberd2, a server for the Extensible Messaging and\r\nPresence Protocol (XMPP). jabberd2 expands external entities in\r\nincoming requests. This allows an attacker to consume system\r\nresources very quickly, denying service to legitimate users of the\r\nserver. This update addresses the issue by disabling entity expansion\r\nin incoming requests.\r\nCVE-ID\r\nCVE-2011-1755\r\n\r\nKernel\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A person with physical access may be able to access the\r\nuser's password\r\nDescription: A logic error in the kernel's DMA protection permitted\r\nfirewire DMA at loginwindow, boot, and shutdown, although not at\r\nscreen lock. This update addresses the issue by preventing firewire\r\nDMA at all states where the user is not logged in.\r\nCVE-ID\r\nCVE-2011-3215 : Passware, Inc.\r\n\r\nKernel\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: An unprivileged user may be able to delete another user's\r\nfiles in a shared directory\r\nDescription: A logic error existed in the kernel's handling of file\r\ndeletions in directories with the sticky bit.\r\nCVE-ID\r\nCVE-2011-3216 : Gordon Davisson of Crywolf, Linc Davis, R. Dormer,\r\nand Allan Schmid and Oliver Jeckel of brainworks Training\r\n\r\nlibsecurity\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted website or e-mail message may\r\nlead to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: An error handling issue existed when parsing a\r\nnonstandard certificate revocation list extension.\r\nCVE-ID\r\nCVE-2011-3227 : Richard Godbee of Virginia Tech\r\n\r\nMailman\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in Mailman 2.1.14\r\nDescription: Multiple cross-site scripting issues existed in Mailman\r\n2.1.14. These issues are addressed by improved encoding of characters\r\nin HTML output. Further information is available via the Mailman site\r\nat http://mail.python.org/pipermail/mailman-\r\nannounce/2011-February/000158.html This issue does not affect OS X\r\nLion systems.\r\nCVE-ID\r\nCVE-2011-0707\r\n\r\nMediaKit\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Opening a maliciously crafted disk image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of disk images. These issues do not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-3217 : Apple\r\n\r\nOpen Directory\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Any user may read another local user's password data\r\nDescription: An access control issue existed in Open Directory. This\r\nissue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3435 : Arek Dreyer of Dreyer Network Consultants, Inc, and\r\nPatrick Dunstan at defenseindepth.net\r\n\r\nOpen Directory\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: An authenticated user may change that account's password\r\nwithout providing the current password\r\nDescription: An access control issue existed in Open Directory. This\r\nissue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3436 : Patrick Dunstan at defenceindepth.net\r\n\r\nOpen Directory\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A user may be able to log in without a password\r\nDescription: When Open Directory is bound to an LDAPv3 server using\r\nRFC2307 or custom mappings, such that there is no\r\nAuthenticationAuthority attribute for a user, an LDAP user may be\r\nallowed to log in without a password. This issue does not affect\r\nsystems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3226 : Jeffry Strunk of The University of Texas at Austin,\r\nSteven Eppler of Colorado Mesa University, Hugh Cole-Baker, and\r\nFrederic Metoz of Institut de Biologie Structurale\r\n\r\nPHP\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A signedness issue existed in FreeType's handling of\r\nType 1 fonts. This issue is addressed by updating FreeType to version\r\n2.4.6. This issue does not affect systems prior to OS X Lion. Further\r\ninformation is available via the FreeType site at\r\nhttp://www.freetype.org/\r\nCVE-ID\r\nCVE-2011-0226\r\n\r\nPHP\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in libpng 1.4.3\r\nDescription: libpng is updated to version 1.5.4 to address multiple\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. Further information is available via the libpng website at\r\nhttp://www.libpng.org/pub/png/libpng.html\r\nCVE-ID\r\nCVE-2011-2690\r\nCVE-2011-2691\r\nCVE-2011-2692\r\n\r\nPHP\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in PHP 5.3.4\r\nDescription: PHP is updated to version 5.3.6 to address multiple\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. This issues do not affect OS X Lion systems. Further\r\ninformation is available via the PHP website at http://www.php.net/\r\nCVE-ID\r\nCVE-2010-3436\r\nCVE-2010-4645\r\nCVE-2011-0420\r\nCVE-2011-0421\r\nCVE-2011-0708\r\nCVE-2011-1092\r\nCVE-2011-1153\r\nCVE-2011-1466\r\nCVE-2011-1467\r\nCVE-2011-1468\r\nCVE-2011-1469\r\nCVE-2011-1470\r\nCVE-2011-1471\r\n\r\npostfix\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: An attacker in a privileged network position may manipulate\r\nmail sessions, resulting in the disclosure of sensitive information\r\nDescription: A logic issue existed in Postfix in the handling of the\r\nSTARTTLS command. After receiving a STARTTLS command, Postfix may\r\nprocess other plain-text commands. An attacker in a privileged\r\nnetwork position may manipulate the mail session to obtain sensitive\r\ninformation from the encrypted traffic. This update addresses the\r\nissue by clearing the command queue after processing a STARTTLS\r\ncommand. This issue does not affect OS X Lion systems. Further\r\ninformation is available via the Postfix site at\r\nhttp://www.postfix.org/announcements/postfix-2.7.3.html\r\nCVE-ID\r\nCVE-2011-0411\r\n\r\npython\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in python\r\nDescription: Multiple vulnerabilities existed in python, the most\r\nserious of which may lead to arbitrary code execution. This update\r\naddresses the issues by applying patches from the python project.\r\nFurther information is available via the python site at\r\nhttp://www.python.org/download/releases/\r\nCVE-ID\r\nCVE-2010-1634\r\nCVE-2010-2089\r\nCVE-2011-1521\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in\r\nQuickTime's handling of movie files.\r\nCVE-ID\r\nCVE-2011-3228 : Apple\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STSC\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STSS\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0250 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STSZ\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0251 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STTS\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0252 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: An attacker in a privileged network position may inject\r\nscript in the local domain when viewing template HTML\r\nDescription: A cross-site scripting issue existed in QuickTime\r\nPlayer's "Save for Web" export. The template HTML files generated by\r\nthis feature referenced a script file from a non-encrypted origin. An\r\nattacker in a privileged network position may be able to inject\r\nmalicious scripts in the local domain if the user views a template\r\nfile locally. This issue is resolved by removing the reference to an\r\nonline script. This issue does not affect OS X Lion systems.\r\nCVE-ID\r\nCVE-2011-3218 : Aaron Sigel of vtty.com\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime's handling of\r\nH.264 encoded movie files.\r\nCVE-ID\r\nCVE-2011-3219 : Damian Put working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to the\r\ndisclosure of memory contents\r\nDescription: An uninitialized memory access issue existed in\r\nQuickTime's handling of URL data handlers within movie files.\r\nCVE-ID\r\nCVE-2011-3220 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An implementation issue existed in QuickTime's handling\r\nof the atom hierarchy within a movie file.\r\nCVE-ID\r\nCVE-2011-3221 : an anonymous researcher working with TippingPoint's\r\nZero Day Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted FlashPix file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime's handling of\r\nFlashPix files.\r\nCVE-ID\r\nCVE-2011-3222 : Damian Put working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime's handling of\r\nFLIC files.\r\nCVE-ID\r\nCVE-2011-3223 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nSMB File Server\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A guest user may browse shared folders\r\nDescription: An access control issue existed in the SMB File Server.\r\nDisallowing guest access to the share point record for a folder\r\nprevented the '_unknown' user from browsing the share point but not\r\nguests (user 'nobody'). This issue is addressed by applying the\r\naccess control to the guest user. This issue does not affect systems\r\nprior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3225\r\n\r\nTomcat\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in Tomcat 6.0.24\r\nDescription: Tomcat is updated to version 6.0.32 to address multiple\r\nvulnerabilities, the most serious of which may lead to a cross site\r\nscripting attack. Tomcat is only provided on Mac OS X Server systems.\r\nThis issue does not affect OS X Lion systems. Further information is\r\navailable via the Tomcat site at http://tomcat.apache.org/\r\nCVE-ID\r\nCVE-2010-1157\r\nCVE-2010-2227\r\nCVE-2010-3718\r\nCVE-2010-4172\r\nCVE-2011-0013\r\nCVE-2011-0534\r\n\r\nUser Documentation\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: An attacker in a privileged network position may manipulate\r\nApp Store help content, leading to arbitrary code execution\r\nDescription: App Store help content was updated over HTTP. This\r\nupdate addresses the issue by updating App Store help content over\r\nHTTPS. This issue does not affect OS X Lion systems.\r\nCVE-ID\r\nCVE-2011-3224 : Aaron Sigel of vtty.com\r\n\r\nWeb Server\r\nAvailable for: Mac OS X Server v10.6.8\r\nImpact: Clients may be unable to access web services that require\r\ndigest authentication\r\nDescription: An issue in the handling of HTTP Digest authentication\r\nwas addressed. Users may be denied access to the server's resources,\r\nwhen the server configuration should have allowed the access. This\r\nissue does not represent a security risk, and was addressed to\r\nfacilitate the use of stronger authentication mechanisms. Systems\r\nrunning OS X Lion Server are not affected by this issue.\r\n\r\nX11\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in libpng\r\nDescription: Multiple vulnerabilities existed in libpng, the most\r\nserious of which may lead to arbitrary code execution. These issues\r\nare addressed by updating libpng to version 1.5.4 on OS Lion systems,\r\nand to 1.2.46 on Mac OS X v10.6 systems. Further information is\r\navailable via the libpng website at\r\nhttp://www.libpng.org/pub/png/libpng.html\r\nCVE-ID\r\nCVE-2011-2690\r\nCVE-2011-2691\r\nCVE-2011-2692\r\n\r\nOS X Lion v10.7.2 also includes Safari 5.1.1. For information on\r\nthe security content of Safari 5.1.1, please visit:\r\nhttp://support.apple.com/kb/HT5000\r\n\r\nOS X Lion v10.7.2 and Security Update 2011-006 may be obtained from\r\nthe Software Update pane in System Preferences, or Apple's Software\r\nDownloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nThe Software Update utility will present the update that applies\r\nto your system configuration. Only one is needed, either\r\nSecurity Update 2011-006 or OS X v10.7.2.\r\n\r\nFor OS X Lion v10.7.1\r\nThe download file is named: MacOSXUpd10.7.2.dmg\r\nIts SHA-1 digest is: 37f784e08d4461e83a891a7f8b8af24c2ceb8229\r\n\r\nFor OS X Lion v10.7\r\nThe download file is named: MacOSXUpdCombo10.7.2.dmg\r\nIts SHA-1 digest is: accd06d610af57df24f62ce7af261395944620eb\r\n\r\nFor OS X Lion Server v10.7.1\r\nThe download file is named: MacOSXServerUpd10.7.2.dmg\r\nIts SHA-1 digest is: e4084bf1dfa295a42f619224d149e515317955da\r\n\r\nFor OS X Lion Server v10.7\r\nThe download file is named: MacOSXServerUpdCombo10.7.2.dmg\r\nIts SHA-1 digest is: 25e86f5cf97b6644c7a025230431b1992962ec4a\r\n\r\nFor Mac OS X v10.6.8\r\nThe download file is named: SecUpd2011-006Snow.dmg\r\nIts SHA-1 digest is: 0f9c29610a06370d0c85a4c92dc278a48ba17a84\r\n\r\nFor Mac OS X Server v10.6.8\r\nThe download file is named: SecUpdSrvr2011-006.dmg\r\nIts SHA-1 digest is: 12de3732710bb03059f93527189d221c97ef8a06\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\r\n\r\niQEcBAEBAgAGBQJOlc/zAAoJEGnF2JsdZQeeWFcH/RDHS+dCP8T4a92uYRIbs9T3\r\nTFbT7hnOoTB0H+2eN3oziLNime2N4mO921heHobiAKSXv/luU41ZPHxVd6rE77Md\r\n/BHDqLv65RA0XFTIPmrTcfpLhI5UgXDLfOLrsmdwTm52l5zQZkoxufYFf3mB3h7U\r\nZJUD1s081Pjy45/Cbao097+JrDwS7ahhgkvTmpmSvJK/wWRz4JtZkvIYcQ2uQFR4\r\nsTg4l6pmi3d8sJJ4wzrEaxDpclRjvjURI4DiBMYwGAXeCMRgYi0y03tYtkjXoaSG\r\n69h2yD8EXQBuJkDyouak7/M/eMwUfb2S6o1HyXTldjdvFBFvvwvl+Y3xp8YmDzU=\r\n=gsvn\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2011-10-16T00:00:00", "type": "securityvulns", "title": "APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2011-10-16T00:00:00", "id": "SECURITYVULNS:DOC:27155", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27155", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:03:07", "description": "Multiple vulnerabilities in different system components.", "cvss3": {}, "published": "2011-10-24T00:00:00", "type": "securityvulns", "title": "Apple OS X multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2011-10-24T00:00:00", "id": "SECURITYVULNS:VULN:11973", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11973", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2023-02-09T14:54:52", "description": "QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.", "cvss3": {}, "published": "2011-10-14T10:55:00", "type": "cve", "title": "CVE-2011-3220", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3220"], "modified": "2012-01-14T03:55:00", "cpe": ["cpe:/o:apple:mac_os_x:10.2.3", "cpe:/o:apple:mac_os_x:10.3.5", "cpe:/o:apple:mac_os_x_server:10.4.2", "cpe:/o:apple:mac_os_x_server:10.6.8", "cpe:/o:apple:mac_os_x_server:10.3.4", "cpe:/o:apple:mac_os_x:10.5.8", "cpe:/o:apple:mac_os_x_server:10.1.0", "cpe:/o:apple:mac_os_x_server:10.4.3", "cpe:/o:apple:mac_os_x_server:10.2.7", "cpe:/o:apple:mac_os_x:10.5", "cpe:/o:apple:mac_os_x:10.1.4", "cpe:/o:apple:mac_os_x_server:10.0.0", "cpe:/o:apple:mac_os_x:10.6.1", "cpe:/o:apple:mac_os_x:10.7.1", "cpe:/o:apple:mac_os_x:10.4.8", "cpe:/o:apple:mac_os_x:10.1.0", "cpe:/o:apple:mac_os_x:10.2.2", "cpe:/o:apple:mac_os_x:10.3.7", "cpe:/o:apple:mac_os_x_server:10.1.1", "cpe:/o:apple:mac_os_x_server:10.5.2", "cpe:/o:apple:mac_os_x:10.4.4", "cpe:/o:apple:mac_os_x:10.6.5", "cpe:/o:apple:mac_os_x_server:10.6.4", "cpe:/o:apple:mac_os_x:10.2", "cpe:/o:apple:mac_os_x_server:10.4.4", "cpe:/o:apple:mac_os_x_server:10.2", "cpe:/o:apple:mac_os_x:10.4.7", "cpe:/o:apple:mac_os_x_server:10.2.1", "cpe:/o:apple:mac_os_x:10.6.4", "cpe:/o:apple:mac_os_x:10.3.0", "cpe:/o:apple:mac_os_x_server:10.5.8", "cpe:/o:apple:mac_os_x:10.2.6", "cpe:/o:apple:mac_os_x_server:10.4.5", "cpe:/o:apple:mac_os_x_server:10.1.2", "cpe:/o:apple:mac_os_x:10.1.3", "cpe:/o:apple:mac_os_x:10.6.7", "cpe:/o:apple:mac_os_x_server:10.5.0", "cpe:/o:apple:mac_os_x_server:10.0", "cpe:/o:apple:mac_os_x:10.1.2", "cpe:/o:apple:mac_os_x_server:10.5.4", "cpe:/o:apple:mac_os_x_server:10.4.9", "cpe:/o:apple:mac_os_x_server:10.2.6", "cpe:/o:apple:mac_os_x:10.4.2", "cpe:/o:apple:mac_os_x_server:10.2.8", "cpe:/o:apple:mac_os_x:10.5.6", "cpe:/o:apple:mac_os_x:10.0.1", "cpe:/o:apple:mac_os_x_server:10.1.4", "cpe:/o:apple:mac_os_x_server:10.5.3", "cpe:/o:apple:mac_os_x:10.0", "cpe:/o:apple:mac_os_x:10.4.9", "cpe:/o:apple:mac_os_x_server:10.3.0", "cpe:/o:apple:mac_os_x:10.0.3", "cpe:/o:apple:mac_os_x:10.2.4", "cpe:/o:apple:mac_os_x_server:10.6.5", "cpe:/o:apple:mac_os_x_server:10.7.1", "cpe:/o:apple:mac_os_x_server:10.6.3", "cpe:/o:apple:mac_os_x_server:10.4.11", "cpe:/o:apple:mac_os_x_server:10.5", "cpe:/o:apple:mac_os_x_server:10.1", "cpe:/o:apple:mac_os_x:10.2.1", "cpe:/o:apple:mac_os_x_server:10.4.10", "cpe:/o:apple:mac_os_x:10.2.5", "cpe:/o:apple:mac_os_x:10.6.6", "cpe:/o:apple:mac_os_x:10.3.6", "cpe:/o:apple:mac_os_x:10.0.2", "cpe:/o:apple:mac_os_x:10.3.2", "cpe:/o:apple:mac_os_x:10.6.2", "cpe:/o:apple:mac_os_x:10.3.3", "cpe:/o:apple:mac_os_x_server:10.5.6", "cpe:/o:apple:mac_os_x_server:10.4.0", "cpe:/o:apple:mac_os_x:10.0.0", "cpe:/o:apple:mac_os_x:10.6.8", "cpe:/o:apple:mac_os_x:10.5.7", "cpe:/o:apple:mac_os_x_server:10.0.1", "cpe:/o:apple:mac_os_x_server:10.2.3", "cpe:/o:apple:mac_os_x:10.5.1", "cpe:/o:apple:mac_os_x_server:10.7.0", "cpe:/o:apple:mac_os_x_server:10.3.6", "cpe:/o:apple:mac_os_x:10.5.3", "cpe:/o:apple:mac_os_x_server:10.3.8", "cpe:/o:apple:mac_os_x_server:10.6.0", "cpe:/o:apple:mac_os_x_server:10.1.3", "cpe:/o:apple:mac_os_x_server:10.2.5", "cpe:/o:apple:mac_os_x:10.3.8", "cpe:/o:apple:mac_os_x_server:10.4.1", "cpe:/o:apple:mac_os_x_server:10.6.6", "cpe:/o:apple:mac_os_x:10.6.0", "cpe:/o:apple:mac_os_x_server:10.0.2", "cpe:/o:apple:mac_os_x_server:10.3.1", "cpe:/o:apple:mac_os_x_server:10.5.5", "cpe:/o:apple:mac_os_x:10.6.3", "cpe:/o:apple:mac_os_x_server:10.4", "cpe:/o:apple:mac_os_x:10.5.5", "cpe:/o:apple:mac_os_x_server:10.3.5", "cpe:/o:apple:mac_os_x:10.4.3", "cpe:/o:apple:mac_os_x:10.4.5", "cpe:/o:apple:mac_os_x:10.5.2", "cpe:/o:apple:mac_os_x:10.4.0", "cpe:/o:apple:mac_os_x_server:10.2.2", "cpe:/o:apple:mac_os_x:10.2.7", "cpe:/o:apple:mac_os_x_server:10.2.0", "cpe:/o:apple:mac_os_x_server:10.3.7", "cpe:/o:apple:mac_os_x_server:10.3.2", "cpe:/o:apple:mac_os_x_server:10.6.2", "cpe:/o:apple:mac_os_x_server:10.0.3", "cpe:/o:apple:mac_os_x:10.4", "cpe:/o:apple:mac_os_x_server:10.5.7", "cpe:/o:apple:mac_os_x:10.3", "cpe:/o:apple:mac_os_x_server:10.4.8", "cpe:/o:apple:mac_os_x:10.1.1", "cpe:/o:apple:mac_os_x_server:10.3", "cpe:/o:apple:mac_os_x_server:10.6.1", "cpe:/o:apple:mac_os_x:10.4.6", "cpe:/o:apple:mac_os_x:10.2.8", "cpe:/o:apple:mac_os_x_server:10.4.6", "cpe:/o:apple:mac_os_x_server:10.1.5", "cpe:/o:apple:mac_os_x:10.3.4", "cpe:/o:apple:mac_os_x:10.2.0", "cpe:/o:apple:mac_os_x_server:10.6.7", "cpe:/o:apple:mac_os_x:10.3.9", "cpe:/o:apple:mac_os_x_server:10.4.7", "cpe:/o:apple:mac_os_x:10.4.10", "cpe:/o:apple:mac_os_x:10.1.5", "cpe:/o:apple:mac_os_x_server:10.2.4", "cpe:/o:apple:mac_os_x:10.0.4", "cpe:/o:apple:mac_os_x_server:10.3.3", "cpe:/o:apple:mac_os_x:10.1", "cpe:/o:apple:mac_os_x_server:10.5.1", "cpe:/o:apple:mac_os_x:10.7.0", "cpe:/o:apple:mac_os_x_server:10.0.4", "cpe:/o:apple:mac_os_x:10.3.1", "cpe:/o:apple:mac_os_x:10.5.4", "cpe:/o:apple:mac_os_x:10.5.0", "cpe:/o:apple:mac_os_x_server:10.3.9", "cpe:/o:apple:mac_os_x:10.4.1", "cpe:/o:apple:mac_os_x:10.4.11"], "id": "CVE-2011-3220", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3220", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1.0:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2023-01-11T14:36:22", "description": "Versions of QuickTime earlier than 7.7.1 are potentially affected by multiple vulnerabilities :\n\n - A buffer overflow exists in the handling of H.264 encoded movie files. (CVE-2011-3219)\n\n - An uninitialized memory access issue exists in the handling of URL data handlers within movie file. (CVE-2011-3220)\n\n - An implementation issue exists in the handling of the atom hierarchy within a movie files. (CVE-2011-3221)\n\n - A cross-site scripting issue exists int he Save for Web export. (CVE-2011-3218)\n\n - A buffer overflow exists in the handling of FlashPix files. (CVE-2011-3222)\n\n - A buffer overflow exists in the handling of FLIC files. (CVE-2011-3223)\n\n - Multiple memory corruption issues exist in the handling of movie files. (CVE-2011-3228)\n\n - An integer overflow issue exists in the handling of PICT files. (CVE-2011-3247)\n\n - A signedness issue exists in the handling of font tables embedded n QuickTime movie files.\n\n - A buffer overflow issue exists in the handling of FLC encoded movie files. (CVE-2011-3249)\n\n - An integer overflow issue exists in the handling of JPEG2000 encoded movie files. (CVE-2011-3250)\n\n - A memory corruption issue exists in the handling of TKHD atoms in QuickTime movie files. (CVE-2011-3251)", "cvss3": {}, "published": "2011-10-27T00:00:00", "type": "nessus", "title": "QuickTime < 7.7.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3218", "CVE-2011-3219", "CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3228", "CVE-2011-3247", "CVE-2011-3248", "CVE-2011-3249", "CVE-2011-3250", "CVE-2011-3251"], "modified": "2011-10-27T00:00:00", "cpe": [], "id": "801196.PRM", "href": "https://www.tenable.com/plugins/lce/801196", "sourceData": "Binary data 801196.prm", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:36:48", "description": "The version of QuickTime installed on the remote Windows host is older than 7.7.1 and may be affected by the following vulnerabilities :\n\n - A cross-site scripting issue exists in HTML files generated by the 'Save for Web' export feature.\n (CVE-2011-3218)\n\n - A buffer overflow error exists in the handling of H.264 encoded video files. (CVE-2011-3219)\n\n - An error exists in the processing of URL data handlers in movie files and can allow access to uninitialized areas of memory. (CVE-2011-3220)\n\n - An error exists in the handling of the 'atoms' hierarchy as well as 'TKHD atoms' in movie files.\n (CVE-2011-3221, CVE-2011-3251)\n\n - Buffer overflow errors exist in the processing of of FlashPix, FLIC, PICT and FLC-encoded files. (CVE-2011-3222, CVE-2011-3223, CVE-2011-3247, CVE-2011-3249)\n\n - An unspecified error can allow memory corruption when viewing certain video files. (CVE-2011-3228)\n\n - An error related to signedness exists in the handling of font tables in QuickTime video files. (CVE-2011-3248)\n\n - An integer overflow error exists in the handling of JPEG2000 encoded video files. (CVE-2011-3250)", "cvss3": {}, "published": "2011-10-28T00:00:00", "type": "nessus", "title": "QuickTime < 7.7.1 Multiple Vulnerabilities (Windows)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3218", "CVE-2011-3219", "CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3228", "CVE-2011-3247", "CVE-2011-3248", "CVE-2011-3249", "CVE-2011-3250", "CVE-2011-3251"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:apple:quicktime"], "id": "QUICKTIME_771.NASL", "href": "https://www.tenable.com/plugins/nessus/56667", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(56667);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/15 20:50:28\");\n\n script_cve_id(\n \"CVE-2011-3218\",\n \"CVE-2011-3219\",\n \"CVE-2011-3220\",\n \"CVE-2011-3221\",\n \"CVE-2011-3222\",\n \"CVE-2011-3223\",\n \"CVE-2011-3228\",\n \"CVE-2011-3247\",\n \"CVE-2011-3248\",\n \"CVE-2011-3249\",\n \"CVE-2011-3250\",\n \"CVE-2011-3251\"\n );\n script_bugtraq_id(\n 50068,\n 50100,\n 50101,\n 50122,\n 50127,\n 50130,\n 50131,\n 50399,\n 50400,\n 50401,\n 50403,\n 50404\n );\n\n script_name(english:\"QuickTime < 7.7.1 Multiple Vulnerabilities (Windows)\");\n script_summary(english:\"Checks version of QuickTime on Windows\");\n \n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Windows host contains an application that may be affected\nby multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of QuickTime installed on the remote Windows host is\nolder than 7.7.1 and may be affected by the following \nvulnerabilities :\n\n - A cross-site scripting issue exists in HTML files\n generated by the 'Save for Web' export feature.\n (CVE-2011-3218)\n\n - A buffer overflow error exists in the handling of\n H.264 encoded video files. (CVE-2011-3219)\n\n - An error exists in the processing of URL data handlers \n in movie files and can allow access to uninitialized \n areas of memory. (CVE-2011-3220)\n\n - An error exists in the handling of the 'atoms' \n hierarchy as well as 'TKHD atoms' in movie files.\n (CVE-2011-3221, CVE-2011-3251)\n\n - Buffer overflow errors exist in the processing of\n of FlashPix, FLIC, PICT and FLC-encoded files. \n (CVE-2011-3222, CVE-2011-3223, CVE-2011-3247, \n CVE-2011-3249)\n\n - An unspecified error can allow memory corruption when\n viewing certain video files. (CVE-2011-3228)\n\n - An error related to signedness exists in the handling \n of font tables in QuickTime video files. (CVE-2011-3248)\n\n - An integer overflow error exists in the handling of \n JPEG2000 encoded video files. (CVE-2011-3250)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-295/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-303/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-311/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-312/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-313/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-314/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-315/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-316/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-136/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/523931/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT5016\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to QuickTime 7.7.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:quicktime\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"quicktime_installed.nasl\");\n script_require_keys(\"SMB/QuickTime/Version\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nkb_base = \"SMB/QuickTime/\";\n\nversion = get_kb_item_or_exit(kb_base+\"Version\");\nversion_ui = get_kb_item(kb_base+\"Version_UI\");\n\nif (isnull(version_ui)) version_report = version;\nelse version_report = version_ui;\n\nfixed_version = \"7.71.80.42\";\nfixed_version_ui = \"7.7.1 (1680.42)\";\n\nif (ver_compare(ver:version, fix:fixed_version) == -1)\n{\n set_kb_item(name: 'www/0/XSS', value: TRUE);\n if (report_verbosity > 0)\n {\n path = get_kb_item(kb_base+\"Path\");\n if (isnull(path)) path = 'n/a';\n\n report =\n '\\n Path : '+path+\n '\\n Installed version : '+version_report+\n '\\n Fixed version : '+fixed_version_ui+'\\n';\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n exit(0);\n}\nelse exit(0, \"The QuickTime \"+version_report+\" install on the host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-17T15:08:27", "description": "Versions of QuickTime earlier than 7.7.1 are potentially affected by multiple vulnerabilities :\n\n - A buffer overflow exists in the handling of H.264 encoded movie files. (CVE-2011-3219)\n\n - An uninitialized memory access issue exists in the handling of URL data handlers within movie file. (CVE-2011-3220)\n\n - An implementation issue exists in the handling of the atom hierarchy within a movie files. (CVE-2011-3221)\n\n - A cross-site scripting issue exists int he Save for Web export. (CVE-2011-3218)\n\n - A buffer overflow exists in the handling of FlashPix files. (CVE-2011-3222)\n\n - A buffer overflow exists in the handling of FLIC files. (CVE-2011-3223)\n\n - Multiple memory corruption issues exist in the handling of movie files. (CVE-2011-3228)\n\n - An integer overflow issue exists in the handling of PICT files. (CVE-2011-3247)\n\n - A signedness issue exists in the handling of font tables embedded n QuickTime movie files.\n\n - A buffer overflow issue exists in the handling of FLC encoded movie files. (CVE-2011-3249)\n\n - An integer overflow issue exists in the handling of JPEG2000 encoded movie files. (CVE-2011-3250)\n\n - A memory corruption issue exists in the handling of TKHD atoms in QuickTime movie files. (CVE-2011-3251)", "cvss3": {}, "published": "2011-10-27T00:00:00", "type": "nessus", "title": "QuickTime < 7.7.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3218", "CVE-2011-3219", "CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3228", "CVE-2011-3247", "CVE-2011-3248", "CVE-2011-3249", "CVE-2011-3250", "CVE-2011-3251"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:apple:quicktime"], "id": "6052.PRM", "href": "https://www.tenable.com/plugins/nnm/6052", "sourceData": "Binary data 6052.prm", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T14:56:56", "description": "Versions of Mac OS X 10.7 earlier than 10.7.2 are potentially affected by a security issue. Mac OS X 10.7.2 contains a security fix for the following products : \n\n - Apache\n\n - Application Firewall\n\n - ATS\n\n - BIND\n\n - Certificate Trust Policy\n\n - CFNetwork\n\n - CoreMedia\n\n - CoreProcesses\n\n - CoreStorage\n\n - File Systems\n\n - iChat Server\n\n - Kernel\n\n - libsecurity\n\n - Open Directory\n\n - PHP\n\n - python\n\n - QuickTime\n\n - SMB File Server\n\n - X11", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2011-10-13T00:00:00", "type": "nessus", "title": "Mac OS X 10.7 < 10.7.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1634", "CVE-2010-2089", "CVE-2011-0185", "CVE-2011-0187", "CVE-2011-0226", "CVE-2011-0230", "CVE-2011-0260", "CVE-2011-1521", "CVE-2011-1755", "CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692", "CVE-2011-3192", "CVE-2011-3212", "CVE-2011-3213", "CVE-2011-3215", "CVE-2011-3216", "CVE-2011-3219", "CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3225", "CVE-2011-3226", "CVE-2011-3227", "CVE-2011-3228", "CVE-2011-3246", "CVE-2011-3435", "CVE-2011-3436", "CVE-2011-3437"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "6039.PRM", "href": "https://www.tenable.com/plugins/nnm/6039", "sourceData": "Binary data 6039.prm", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T14:27:34", "description": "The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.2. This version contains numerous security-related fixes for the following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreMedia\n - CoreProcesses\n - CoreStorage\n - File Systems\n - iChat Server\n - Kernel\n - libsecurity\n - Open Directory\n - PHP\n - python\n - QuickTime\n - SMB File Server\n - X11", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2011-10-13T00:00:00", "type": "nessus", "title": "Mac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1634", "CVE-2010-2089", "CVE-2011-0185", "CVE-2011-0187", "CVE-2011-0226", "CVE-2011-0230", "CVE-2011-0260", "CVE-2011-1521", "CVE-2011-1755", "CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692", "CVE-2011-3192", "CVE-2011-3212", "CVE-2011-3213", "CVE-2011-3215", "CVE-2011-3216", "CVE-2011-3219", "CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3225", "CVE-2011-3226", "CVE-2011-3227", "CVE-2011-3228", "CVE-2011-3246", "CVE-2011-3435", "CVE-2011-3436", "CVE-2011-3437"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_7_2.NASL", "href": "https://www.tenable.com/plugins/nessus/56480", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0); # Avoid problems with large number of xrefs.\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(56480);\n script_version(\"1.23\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2010-1634\",\n \"CVE-2010-2089\",\n \"CVE-2011-0185\",\n \"CVE-2011-0187\",\n \"CVE-2011-0226\",\n \"CVE-2011-0230\",\n \"CVE-2011-0260\",\n \"CVE-2011-1521\",\n \"CVE-2011-1755\",\n \"CVE-2011-1910\",\n \"CVE-2011-2464\",\n \"CVE-2011-2690\",\n \"CVE-2011-2691\",\n \"CVE-2011-2692\",\n \"CVE-2011-3192\",\n \"CVE-2011-3212\",\n \"CVE-2011-3213\",\n \"CVE-2011-3215\",\n \"CVE-2011-3216\",\n \"CVE-2011-3219\",\n \"CVE-2011-3220\",\n \"CVE-2011-3221\",\n \"CVE-2011-3222\",\n \"CVE-2011-3223\",\n \"CVE-2011-3225\",\n \"CVE-2011-3226\",\n \"CVE-2011-3227\",\n \"CVE-2011-3228\",\n \"CVE-2011-3246\",\n \"CVE-2011-3435\",\n \"CVE-2011-3436\",\n \"CVE-2011-3437\"\n );\n script_bugtraq_id(\n 40370,\n 40863,\n 48007,\n 48250,\n 48566,\n 48618,\n 48619,\n 48660,\n 49303,\n 50085,\n 50092,\n 50100,\n 50101,\n 50109,\n 50112,\n 50113,\n 50114,\n 50115,\n 50116,\n 50120,\n 50121,\n 50127,\n 50129,\n 50130,\n 50131,\n 50144,\n 50146,\n 50153 \n );\n\n script_name(english:\"Mac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Mac OS X\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.7.x that is prior\nto 10.7.2. This version contains numerous security-related fixes for\nthe following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreMedia\n - CoreProcesses\n - CoreStorage\n - File Systems\n - iChat Server\n - Kernel\n - libsecurity\n - Open Directory\n - PHP\n - python\n - QuickTime\n - SMB File Server\n - X11\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-303/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-136/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/523931/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5002\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2011/Oct/msg00003.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Mac OS X 10.7.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n \n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item(\"Host/OS\");\n if (isnull(os)) exit(0, \"The 'Host/OS' KB item is missing.\");\n if (\"Mac OS X\" >!< os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.7($|\\.[0-1]([^0-9]|$))\", string:os)) security_hole(0);\nelse exit(0, \"The host is not affected as it is running \"+os+\".\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-22T14:21:31", "description": "The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2011-006 applied. This update contains numerous security-related fixes for the following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreFoundation\n - CoreMedia\n - File Systems\n - IOGraphics\n - iChat Server\n - Mailman\n - MediaKit\n - PHP\n - postfix\n - python\n - QuickTime\n - Tomcat\n - User Documentation\n - Web Server\n - X11", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2011-10-13T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2011-006)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4022", "CVE-2010-0097", "CVE-2010-1157", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-2227", "CVE-2010-3436", "CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3718", "CVE-2010-4172", "CVE-2010-4645", "CVE-2011-0013", "CVE-2011-0185", "CVE-2011-0224", "CVE-2011-0229", "CVE-2011-0230", "CVE-2011-0231", "CVE-2011-0249", "CVE-2011-0250", "CVE-2011-0251", "CVE-2011-0252", "CVE-2011-0259", "CVE-2011-0411", "CVE-2011-0419", "CVE-2011-0420", "CVE-2011-0421", "CVE-2011-0534", "CVE-2011-0707", "CVE-2011-0708", "CVE-2011-1092", "CVE-2011-1153", "CVE-2011-1466", "CVE-2011-1467", "CVE-2011-1468", "CVE-2011-1469", "CVE-2011-1470", "CVE-2011-1471", "CVE-2011-1521", "CVE-2011-1755", "CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692", "CVE-2011-3192", "CVE-2011-3213", "CVE-2011-3214", "CVE-2011-3217", "CVE-2011-3218", "CVE-2011-3219", "CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3224", "CVE-2011-3228"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2011-006.NASL", "href": "https://www.tenable.com/plugins/nessus/56481", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0); # Avoid problems with large number of xrefs.\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(56481);\n script_version(\"1.27\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2009-4022\",\n \"CVE-2010-0097\",\n \"CVE-2010-1157\",\n \"CVE-2010-1634\",\n \"CVE-2010-2089\",\n \"CVE-2010-2227\",\n \"CVE-2010-3436\",\n \"CVE-2010-3613\",\n \"CVE-2010-3614\",\n \"CVE-2010-3718\",\n \"CVE-2010-4172\",\n \"CVE-2010-4645\",\n \"CVE-2011-0013\",\n \"CVE-2011-0185\",\n \"CVE-2011-0224\",\n \"CVE-2011-0229\",\n \"CVE-2011-0230\",\n \"CVE-2011-0231\",\n \"CVE-2011-0249\",\n \"CVE-2011-0250\",\n \"CVE-2011-0251\",\n \"CVE-2011-0252\",\n \"CVE-2011-0259\",\n \"CVE-2011-0411\",\n \"CVE-2011-0419\",\n \"CVE-2011-0420\",\n \"CVE-2011-0421\",\n \"CVE-2011-0534\",\n \"CVE-2011-0707\",\n \"CVE-2011-0708\",\n \"CVE-2011-1092\",\n \"CVE-2011-1153\",\n \"CVE-2011-1466\",\n \"CVE-2011-1467\",\n \"CVE-2011-1468\",\n \"CVE-2011-1469\",\n \"CVE-2011-1470\",\n \"CVE-2011-1471\",\n \"CVE-2011-1521\",\n \"CVE-2011-1755\",\n \"CVE-2011-1910\",\n \"CVE-2011-2464\",\n \"CVE-2011-2690\",\n \"CVE-2011-2691\",\n \"CVE-2011-2692\",\n \"CVE-2011-3192\",\n \"CVE-2011-3213\",\n \"CVE-2011-3214\",\n \"CVE-2011-3217\",\n \"CVE-2011-3218\",\n \"CVE-2011-3219\",\n \"CVE-2011-3220\",\n \"CVE-2011-3221\",\n \"CVE-2011-3222\",\n \"CVE-2011-3223\",\n \"CVE-2011-3224\",\n \"CVE-2011-3228\"\n );\n script_bugtraq_id(\n 37118,\n 37865,\n 39635,\n 40370,\n 40863,\n 41544,\n 44723,\n 45015,\n 45133,\n 45137,\n 45668,\n 46164,\n 46174,\n 46177,\n 46354,\n 46365,\n 46429,\n 46464,\n 46767,\n 46786,\n 46854,\n 46967,\n 46968,\n 46969,\n 46970,\n 46975,\n 46977,\n 48007,\n 48250,\n 48566,\n 48618,\n 48660,\n 49303,\n 50085,\n 50091,\n 50092,\n 50095,\n 50098,\n 50100,\n 50101,\n 50111,\n 50116,\n 50117,\n 50122,\n 50127,\n 50130,\n 50131,\n 50150 \n );\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2011-006)\");\n script_summary(english:\"Check for the presence of Security Update 2011-006\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.6 that does not\nhave Security Update 2011-006 applied. This update contains numerous\nsecurity-related fixes for the following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreFoundation\n - CoreMedia\n - File Systems\n - IOGraphics\n - iChat Server\n - Mailman\n - MediaKit\n - PHP\n - postfix\n - python\n - QuickTime\n - Tomcat\n - User Documentation\n - Web Server\n - X11\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-295/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-303/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-136/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/523931/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5002\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2011/Oct/msg00003.html\");\n script_set_attribute(attribute:\"solution\", value:\"Install Security Update 2011-006 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.6([^0-9]|$)\", string:os)) \n{\n packages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\n\n if (egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.(2011\\.00[6-9]|201[2-9]\\.[0-9]+)(\\.snowleopard[0-9.]*)?\\.bom\", string:packages)) \n exit(0, \"The host has Security Update 2011-006 or later installed and therefore is not affected.\");\n else \n security_hole(0);\n}\nelse exit(0, \"The host is running \"+os+\" and therefore is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-09-04T14:19:36", "description": "The host is installed with Apple QuickTime and is prone to multiple\n denial of service vulnerabilities.", "cvss3": {}, "published": "2011-11-03T00:00:00", "type": "openvas", "title": "Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3221", "CVE-2011-3249", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3248", "CVE-2011-3220", "CVE-2011-3228", "CVE-2011-3247", "CVE-2011-3251", "CVE-2011-3219", "CVE-2011-3428", "CVE-2011-3250", "CVE-2011-3218"], "modified": "2017-08-28T00:00:00", "id": "OPENVAS:802198", "href": "http://plugins.openvas.org/nasl.php?oid=802198", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_quicktime_mult_dos_vuln_win_nov11.nasl 7015 2017-08-28 11:51:24Z teissa $\n#\n# Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code or\n cause a denial of service via crafted files.\n Impact Level: System/Application\";\ntag_affected = \"QuickTime Player version prior to 7.7.1\";\ntag_insight = \"The flaws are due to\n - A integer overflow while handling the PICT files and JPEG2000 encoded\n movie files.\n - A signedness issue existed in the handling of font tables embedded in\n QuickTime movie files.\n - A buffer overflow issue while handling FLIC files, FlashPix files and FLC\n and RLE encoded movie files.\n - A memory corruption issue, while handling of TKHD atoms in QuickTime\n movie files.\";\ntag_solution = \"Upgrade to QuickTime Player version 7.7.1 or later,\n For updates refer to http://www.apple.com/quicktime/download/\";\ntag_summary = \"The host is installed with Apple QuickTime and is prone to multiple\n denial of service vulnerabilities.\";\n\nif(description)\n{\n script_id(802198);\n script_version(\"$Revision: 7015 $\");\n script_cve_id(\"CVE-2011-3219\", \"CVE-2011-3220\", \"CVE-2011-3221\", \"CVE-2011-3218\",\n \"CVE-2011-3222\", \"CVE-2011-3223\", \"CVE-2011-3228\", \"CVE-2011-3247\",\n \"CVE-2011-3248\", \"CVE-2011-3249\", \"CVE-2011-3250\", \"CVE-2011-3251\",\n \"CVE-2011-3428\");\n script_bugtraq_id(50068, 50130, 50131, 50122, 50100, 50101, 50127, 50399, 50400,\n 50404, 50401, 50403);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-28 13:51:24 +0200 (Mon, 28 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-03 12:22:48 +0100 (Thu, 03 Nov 2011)\");\n script_name(\"Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5016\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-314/\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-315/\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_apple_quicktime_detection_win_900124.nasl\");\n script_require_keys(\"QuickTime/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nquickVer = get_kb_item(\"QuickTime/Win/Ver\");\nif(!quickVer){\n exit(0);\n}\n\n## Check for QuickTime Playe Version less than 7.7.1\nif(version_is_less(version:quickVer, test_version:\"7.7.1\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-03-03T21:01:07", "description": "The host is installed with Apple QuickTime and is prone to multiple\n denial of service vulnerabilities.", "cvss3": {}, "published": "2011-11-03T00:00:00", "type": "openvas", "title": "Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3221", "CVE-2011-3249", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3248", "CVE-2011-3220", "CVE-2011-3228", "CVE-2011-3247", "CVE-2011-3251", "CVE-2011-3219", "CVE-2011-3428", "CVE-2011-3250", "CVE-2011-3218"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310802198", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802198", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:quicktime\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802198\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2011-3219\", \"CVE-2011-3220\", \"CVE-2011-3221\", \"CVE-2011-3218\",\n \"CVE-2011-3222\", \"CVE-2011-3223\", \"CVE-2011-3228\", \"CVE-2011-3247\",\n \"CVE-2011-3248\", \"CVE-2011-3249\", \"CVE-2011-3250\", \"CVE-2011-3251\",\n \"CVE-2011-3428\");\n script_bugtraq_id(50068, 50130, 50131, 50122, 50100, 50101, 50127, 50399, 50400,\n 50404, 50401, 50403);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-11-03 12:22:48 +0100 (Thu, 03 Nov 2011)\");\n script_name(\"Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5016\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-314/\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-315/\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_apple_quicktime_detection_win_900124.nasl\");\n script_mandatory_keys(\"QuickTime/Win/Ver\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code or\n cause a denial of service via crafted files.\");\n\n script_tag(name:\"affected\", value:\"QuickTime Player version prior to 7.7.1.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to\n\n - A integer overflow while handling the PICT files and JPEG2000 encoded\n movie files.\n\n - A signedness issue existed in the handling of font tables embedded in\n QuickTime movie files.\n\n - A buffer overflow issue while handling FLIC files, FlashPix files and FLC\n and RLE encoded movie files.\n\n - A memory corruption issue, while handling of TKHD atoms in QuickTime\n movie files.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to QuickTime Player version 7.7.1 or later.\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Apple QuickTime and is prone to multiple\n denial of service vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"7.7.1\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"7.7.1\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-09-04T14:19:54", "description": "This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.", "cvss3": {}, "published": "2011-10-20T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2017-08-31T00:00:00", "id": "OPENVAS:802336", "href": "http://plugins.openvas.org/nasl.php?oid=802336", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_macosx_su11-006.nasl 7029 2017-08-31 11:51:40Z teissa $\n#\n# Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial of service condition.\n Impact Level: System/Application\";\ntag_affected = \"Apache, Application Firewall, ATS, BIND, Certificate Trust Policy, CFNetwork,\n CoreFoundation, CoreMedia, CoreProcesses, CoreStorage, File Systems,\n iChat Server, IOGraphics, Kernel, libsecurity, Mailman, MediaKit,\n Open Directory, PHP, postfix, python, QuickTime, SMB File Server, Tomcat,\n User Documentation, Web Server and X11.\";\ntag_insight = \"For more information on the vulnerabilities refer to the links below.\";\ntag_solution = \"Run Mac Updates and update the Security Update 2011-006\n For updates refer to http://support.apple.com/kb/HT1222\";\ntag_summary = \"This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.\";\n\nif(description)\n{\n script_id(802336);\n script_version(\"$Revision: 7029 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-31 13:51:40 +0200 (Thu, 31 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-20 08:43:23 +0200 (Thu, 20 Oct 2011)\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-3192\", \"CVE-2011-0185\", \"CVE-2011-3437\",\n \"CVE-2011-0229\", \"CVE-2011-0230\", \"CVE-2011-1910\", \"CVE-2011-2464\",\n \"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-3613\", \"CVE-2010-3614\",\n \"CVE-2011-0231\", \"CVE-2011-3246\", \"CVE-2011-0259\", \"CVE-2011-0187\",\n \"CVE-2011-0224\", \"CVE-2011-0260\", \"CVE-2011-3212\", \"CVE-2011-3213\",\n \"CVE-2011-3214\", \"CVE-2011-1755\", \"CVE-2011-3215\", \"CVE-2011-3216\",\n \"CVE-2011-3227\", \"CVE-2011-0707\", \"CVE-2011-3217\", \"CVE-2011-3435\",\n \"CVE-2010-3436\", \"CVE-2010-4645\", \"CVE-2011-0420\", \"CVE-2011-0421\",\n \"CVE-2011-0708\", \"CVE-2011-1092\", \"CVE-2011-1153\", \"CVE-2011-1466\",\n \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\",\n \"CVE-2011-1471\", \"CVE-2011-0411\", \"CVE-2010-1634\", \"CVE-2010-2089\",\n \"CVE-2011-1521\", \"CVE-2011-3228\", \"CVE-2011-0249\", \"CVE-2011-0250\",\n \"CVE-2011-0251\", \"CVE-2011-0252\", \"CVE-2011-3218\", \"CVE-2011-3219\",\n \"CVE-2011-3220\", \"CVE-2011-3221\", \"CVE-2011-3222\", \"CVE-2011-3223\",\n \"CVE-2011-3225\", \"CVE-2010-1157\", \"CVE-2010-2227\", \"CVE-2010-3718\",\n \"CVE-2010-4172\", \"CVE-2011-0013\", \"CVE-2011-0534\", \"CVE-2011-3224\",\n \"CVE-2011-2690\", \"CVE-2011-2691\", \"CVE-2011-2692\", \"CVE-2011-3436\",\n \"CVE-2011-3226\", \"CVE-2011-0226\");\n script_bugtraq_id(47820, 49303, 50092, 50112, 50091, 50099, 48007, 48566, 37118,\n 37865, 45133, 45137, 50098, 50115, 50067, 46992, 50095, 50120,\n 50109, 50116, 50111, 48250, 50113, 50121, 50129, 46464, 50117,\n 50114, 50146, 50153, 48619, 48660, 48618, 44723, 45668, 46429,\n 46354, 46365, 46786, 46854, 46967, 46968, 46977, 46970, 46969,\n 46975, 46767, 40370, 40863, 47024, 50127, 48993, 49038, 50122,\n 50068, 50130, 50131, 50100, 50101, 50144, 39635, 41544, 46177,\n 45015, 46174, 46164, 50150);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT1222\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5000\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5002\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce//2011//Oct//msg00003.html\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"pkg-lib-macosx.inc\");\n\n## Get the OS name\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\n## Get the OS Version\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\n## Check for the Mac OS X and Mac OS X Server\nif(\"Mac OS X\" >< osName)\n{\n ## Check the affected OS versions\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n ## Check for the security update 2011.006\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2011.006\"))\n {\n security_message(0);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-04-27T19:22:38", "description": "This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.", "cvss3": {}, "published": "2011-10-20T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310802336", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802336", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802336\");\n script_version(\"2020-04-23T08:43:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 08:43:39 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-10-20 08:43:23 +0200 (Thu, 20 Oct 2011)\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-3192\", \"CVE-2011-0185\", \"CVE-2011-3437\",\n \"CVE-2011-0229\", \"CVE-2011-0230\", \"CVE-2011-1910\", \"CVE-2011-2464\",\n \"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-3613\", \"CVE-2010-3614\",\n \"CVE-2011-0231\", \"CVE-2011-3246\", \"CVE-2011-0259\", \"CVE-2011-0187\",\n \"CVE-2011-0224\", \"CVE-2011-0260\", \"CVE-2011-3212\", \"CVE-2011-3213\",\n \"CVE-2011-3214\", \"CVE-2011-1755\", \"CVE-2011-3215\", \"CVE-2011-3216\",\n \"CVE-2011-3227\", \"CVE-2011-0707\", \"CVE-2011-3217\", \"CVE-2011-3435\",\n \"CVE-2010-3436\", \"CVE-2010-4645\", \"CVE-2011-0420\", \"CVE-2011-0421\",\n \"CVE-2011-0708\", \"CVE-2011-1092\", \"CVE-2011-1153\", \"CVE-2011-1466\",\n \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\",\n \"CVE-2011-1471\", \"CVE-2011-0411\", \"CVE-2010-1634\", \"CVE-2010-2089\",\n \"CVE-2011-1521\", \"CVE-2011-3228\", \"CVE-2011-0249\", \"CVE-2011-0250\",\n \"CVE-2011-0251\", \"CVE-2011-0252\", \"CVE-2011-3218\", \"CVE-2011-3219\",\n \"CVE-2011-3220\", \"CVE-2011-3221\", \"CVE-2011-3222\", \"CVE-2011-3223\",\n \"CVE-2011-3225\", \"CVE-2010-1157\", \"CVE-2010-2227\", \"CVE-2010-3718\",\n \"CVE-2010-4172\", \"CVE-2011-0013\", \"CVE-2011-0534\", \"CVE-2011-3224\",\n \"CVE-2011-2690\", \"CVE-2011-2691\", \"CVE-2011-2692\", \"CVE-2011-3436\",\n \"CVE-2011-3226\", \"CVE-2011-0226\");\n script_bugtraq_id(47820, 49303, 50092, 50112, 50091, 50099, 48007, 48566, 37118,\n 37865, 45133, 45137, 50098, 50115, 50067, 46992, 50095, 50120,\n 50109, 50116, 50111, 48250, 50113, 50121, 50129, 46464, 50117,\n 50114, 50146, 50153, 48619, 48660, 48618, 44723, 45668, 46429,\n 46354, 46365, 46786, 46854, 46967, 46968, 46977, 46970, 46969,\n 46975, 46767, 40370, 40863, 47024, 50127, 48993, 49038, 50122,\n 50068, 50130, 50131, 50100, 50101, 50144, 39635, 41544, 46177,\n 45015, 46174, 46164, 50150);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT1222\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5000\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5002\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce//2011//Oct//msg00003.html\");\n\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.6\\.8\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial of service condition.\");\n script_tag(name:\"affected\", value:\"Apache, Application Firewall, ATS, BIND, Certificate Trust Policy, CFNetwork,\n CoreFoundation, CoreMedia, CoreProcesses, CoreStorage, File Systems,\n iChat Server, IOGraphics, Kernel, libsecurity, Mailman, MediaKit,\n Open Directory, PHP, postfix, python, QuickTime, SMB File Server, Tomcat,\n User Documentation, Web Server and X11.\");\n script_tag(name:\"insight\", value:\"Please see the references for more information on the vulnerabilities.\");\n script_tag(name:\"solution\", value:\"Run Mac Updates and update the Security Update 2011-006\");\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"pkg-lib-macosx.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer)\n exit(0);\n\nif(\"Mac OS X\" >< osName)\n{\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2011.006\"))\n {\n report = report_fixed_ver(installed_version:osVer, vulnerable_range:\"Equal to 10.6.8\");\n security_message(port:0, data:report);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
Apple Quicktime Empty URL Data Handler Remote Code Execution Vulnerability
