ID CVE-2011-0639
Summary Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.
References
Vulnerable Configurations
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
CVSS
Base: 6.9 (as of 28-04-2011 - 04:00)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:C/I:C/A:C
refmap via4
misc
Last major update 28-04-2011 - 04:00
Published 25-01-2011 - 01:00
Last modified 28-04-2011 - 04:00
Back to Top