ID CVE-2008-2321
Summary Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unknown vectors involving "processing of arguments."
References
Vulnerable Configurations
  • cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:coregraphics:*:*:*:*:*:*:*:*
    cpe:2.3:a:apple:coregraphics:*:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 08-08-2017 - 01:30)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
apple
  • APPLE-SA-2008-07-31
  • APPLE-SA-2008-11-20
  • APPLE-SA-2009-06-08-1
bid
  • 30483
  • 30488
confirm
sectrack 1020603
secunia
  • 31326
  • 32756
  • 35379
vupen
  • ADV-2008-2268
  • ADV-2008-3232
  • ADV-2009-1522
xf macosx-coregraphics-code-execution(44127)
Last major update 08-08-2017 - 01:30
Published 04-08-2008 - 01:41
Last modified 08-08-2017 - 01:30
Back to Top