cvelistv5 - CVE-2011-3212

CVE-2011-3212

Vulnerability from cvelistv5

Published

2011-10-14 10:00

Modified

2024-08-06 23:29

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	Vendor Advisory
product-security@apple.com	http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
product-security@apple.com	http://osvdb.org/76362
product-security@apple.com	http://support.apple.com/kb/HT5002	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT5281
product-security@apple.com	http://www.securityfocus.com/bid/50085
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/76362
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5002	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5281
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/50085

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:29:56.688Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "76362",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/76362"
          },
          {
            "name": "APPLE-SA-2011-10-12-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5002"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5281"
          },
          {
            "name": "APPLE-SA-2012-05-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
          },
          {
            "name": "50085",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/50085"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-10-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-19T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "76362",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/76362"
        },
        {
          "name": "APPLE-SA-2011-10-12-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5002"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5281"
        },
        {
          "name": "APPLE-SA-2012-05-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
        },
        {
          "name": "50085",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/50085"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-3212",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "76362",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/76362"
            },
            {
              "name": "APPLE-SA-2011-10-12-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5002",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5002"
            },
            {
              "name": "http://support.apple.com/kb/HT5281",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5281"
            },
            {
              "name": "APPLE-SA-2012-05-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
            },
            {
              "name": "50085",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/50085"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-3212",
    "datePublished": "2011-10-14T10:00:00",
    "dateReserved": "2011-08-19T00:00:00",
    "dateUpdated": "2024-08-06T23:29:56.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-3212\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2011-10-14T10:55:08.307\",\"lastModified\":\"2024-11-21T01:29:59.557\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device.\"},{\"lang\":\"es\",\"value\":\"CoreStorage en Apple Mac OS X v10.7 anterior a v10.7 no asegura que toda la informaci\u00f3n de disco est\u00e1 encriptada durante la activaci\u00f3n de FileVault, lo que hace m\u00e1s f\u00e1cil a atacantes pr\u00f3ximos f\u00edsicamente obtener informaci\u00f3n sensible leyendo directamente del dispositivo de disco.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8961F444-48C4-4B54-829B-A1A2D0F2716C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09A0FA11-6211-4962-A6E0-F00732818012\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38823717-65A1-4587-8F05-32EA9A01084C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD4E77C-3F87-476B-BB66-75EECDFDB18E\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2012/May/msg00001.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://osvdb.org/76362\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT5002\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5281\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securityfocus.com/bid/50085\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2012/May/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/76362\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT5002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5281\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/50085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device. The update addresses new vulnerabilities that affect Application Firewall, ATS, CFNetwork, CoreMedia, CoreProcesses, CoreStorage, File Systems, IOGraphics, Kernel, MediaKit, Open Directory, QuickTime, SMB File Server, User Documentation, and libsecurity. Apple Mac OS X is prone to an information-disclosure vulnerability. A local attacker can exploit this issue to retrieve arbitrary files from the vulnerable computer. Information obtained may aid in further attacks. Apple Mac OS X 10.7 and 10.7.1 are vulnerable. NOTE: This issue was previously discussed in BID 50085 (Apple Mac OS X Prior to 10.7.2 Multiple Security Vulnerabilities) but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

APPLE-SA-2012-05-09-1 OS X Lion v10.7.4 and Security Update 2012-002

OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses the following:

Login Window Available for: OS X Lion v10.7.3, OS X Lion Server v10.7.3 Impact: Remote admins and persons with physical access to the system may obtain account information Description: An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. The sensitive information may persist in saved logs after installation of this update. See http://support.apple.com/kb/TS4272 for more information on how to securely remove any remaining records. This issue only affects systems running OS X Lion v10.7.3 with users of Legacy File Vault and/or networked home directories. CVE-ID CVE-2012-0652 : Terry Reeves and Tim Winningham of the Ohio State University, Markus 'Jaroneko' Raty of the Finnish Academy of Fine Arts, Jaakko Pero of Aalto University, Mark Cohen of Oregon State University, Paul Nelson

Bluetooth Available for: OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: A local user may be able to execute arbitrary code with system privileges Description: A temporary file race condition issue existed in blued's initialization routine. CVE-ID CVE-2012-0649 : Aaron Sigel of vtty.com

curl Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. CVE-ID CVE-2011-3389 : Apple

curl Available for: OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Using curl or libcurl with a maliciously crafted URL may lead to protocol-specific data injection attacks Description: A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. By sending a maliciously crafted message, a remote attacker could cause the directory server to disclose memory from its address space, potentially revealing account credentials or other sensitive information. The Directory Server is disabled by default in non-server installations of OS X. CVE-ID CVE-2012-0651 : Agustin Azubel

HFS Available for: OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Mounting a maliciously crafted disk image may lead to a system shutdown or arbitrary code execution Description: An integer underflow existed in the handling of HFS catalog files. CVE-ID CVE-2012-0642 : pod2g

ImageIO Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF files. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html CVE-ID CVE-2011-2692 CVE-2011-3328

ImageIO Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libtiff's handling of ThunderScan encoded TIFF images. This issue is addressed by updating libtiff to version 3.9.5. This issue is addressed through improved handling of the sleep image, and by overwriting the existing sleep image when updating to OS X v10.7.4. CVE-ID CVE-2011-3212 : Felix Groebert of Google Security Team

libarchive Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Extracting a maliciously crafted archive may lead to an unexpected application termination or arbitrary code execution Description: Multiple buffer overflows existed in the handling of tar archives and iso9660 files. CVE-ID CVE-2011-1777 CVE-2011-1778

libsecurity Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Verifying a maliciously crafted X.509 certificate, such as when visiting a maliciously crafted website, may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access issue existed in the handling of X.509 certificates. CVE-ID CVE-2012-0654 : Dirk-Willem van Gulik of WebWeaving.org, Guilherme Prado of Conselho da Justica Federal, Ryan Sleevi of Google

libsecurity Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Support for X.509 certificates with insecure-length RSA keys may expose users to spoofing and information disclosure Description: Certificates signed using RSA keys with insecure key lengths were accepted by libsecurity. This issue is addressed by rejecting certificates containing RSA keys less than 1024 bits. CVE-ID CVE-2012-0655

libxml Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution Description: Multiple vulnerabilities existed in libxml, the most serious of which may lead to an unexpected application termination or arbitrary code execution. These issues are addressed by applying the relevant upstream patches. CVE-ID CVE-2011-1944 : Chris Evans of Google Chrome Security Team CVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-3919 : Juri Aedla

LoginUIFramework Available for: OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: If the Guest user is enabled, a user with physical access to the computer may be able to log in to a user other than the Guest user without entering a password Description: A race condition existed in the handling of Guest user logins. CVE-ID CVE-2012-0656 : Francisco Gomez (espectalll123)

PHP Available for: OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Multiple vulnerabilities in PHP Description: PHP is updated to version 5.3.10 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at http://www.php.net CVE-ID CVE-2011-4566 CVE-2011-4885 CVE-2012-0830

Quartz Composer Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: A user with physical access to the computer may be able to cause Safari to launch if the screen is locked and the RSS Visualizer screen saver is used Description: An access control issue existed in Quartz Composer's handling of screen savers. This issue is addressed through improved checking for whether or not the screen is locked. CVE-ID CVE-2012-0657 : Aaron Sigel of vtty.com

QuickTime Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Viewing a maliciously crafted movie file during progressive download may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of audio sample tables. CVE-ID CVE-2012-0658 : Luigi Auriemma working with HP's Zero Day Initiative

QuickTime Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of MPEG files. CVE-ID CVE-2012-0659 : An anonymous researcher working with HP's Zero Day Initiative

QuickTime Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution Description: A buffer underflow existed in the handling of MPEG files. CVE-ID CVE-2012-0660 : Justin Kim at Microsoft and Microsoft Vulnerability Research

QuickTime Available for: OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue existed in the handling of JPEG2000 encoded movie files. CVE-ID CVE-2011-1004 CVE-2011-1005 CVE-2011-4815

Samba Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8 Impact: If SMB file sharing is enabled, an unauthenticated remote attacker may cause a denial of service or arbitrary code execution with system privileges Description: Multiple buffer overflows existed in Samba's handling of remote procedure calls. By sending a maliciously crafted packet, an unauthenticated remote attacker could cause a denial of service or arbitrary code execution with system privileges. CVE-ID CVE-2012-0870 : Andy Davis of NGS Secure CVE-2012-1182 : An anonymous researcher working with HP's Zero Day Initiative

Security Framework Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the Security framework. Processing untrusted input with the Security framework could result in memory corruption. This issue does not affect 32-bit processes. CVE-ID CVE-2012-0662 : aazubel working with HP's Zero Day Initiative

Time Machine Available for: OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: A remote attacker may access a user's Time Machine backup credentials Description: The user may designate a Time Capsule or remote AFP volume attached to an AirPort Base Station to be used for Time Machine backups. Beginning with AirPort Base Station and Time Capsule Firmware Update 7.6, Time Capsules and Base Stations support a secure SRP-based authentication mechanism over AFP. However, Time Machine did not require that the SRP-based authentication mechanism was used for subsequent backup operations, even if Time Machine was initially configured or had ever contacted a Time Capsule or Base Station that supported it. An attacker who is able to spoof the remote volume could gain access to user's Time Capsule credentials, although not backup data, sent by the user's system. This issue is addressed by requiring use of the SRP-based authentication mechanism if the backup destination has ever supported it. CVE-ID CVE-2012-0675 : Renaud Deraison of Tenable Network Security, Inc.

X11 Available for: OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3 Impact: Applications that use libXfont to process LZW-compressed data may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libXfont's handling of LZW-compressed data. This issue is addressed by updating libXfont to version 1.4.4. CVE-ID CVE-2011-2895 : Tomas Hoger of Red Hat

Note: Additionally, this update filters dynamic linker environment variables from a customized environment property list in the user's home directory, if present.

OS X Lion v10.7.4 and Security Update 2012-002 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/

The Software Update utility will present the update that applies to your system configuration.

For OS X Lion v10.7.3 The download file is named: MacOSXUpd10.7.4.dmg Its SHA-1 digest is: 04c53a6148ebd8c5733459620b7c1e2172352d36

For OS X Lion v10.7 and v10.7.2 The download file is named: MacOSXUpdCombo10.7.4.dmg Its SHA-1 digest is: b11d511a50d9b728532688768fcdee9c1930037f

For OS X Lion Server v10.7.3 The download file is named: MacOSXServerUpd10.7.4.dmg Its SHA-1 digest is: 3cb5699c8ecf7d70145f3692555557f7206618b2

For OS X Lion Server v10.7 and v10.7.2 The download file is named: MacOSXServerUpdCombo10.7.4.dmg Its SHA-1 digest is: 917207e922056718b9924ef73caa5fcac06b7240

For Mac OS X v10.6.8 The download file is named: SecUpd2012-002Snow.dmg Its SHA-1 digest is: 9669fbd9952419e70ac20109cf4db37f9932e9f8

For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2012-002.dmg Its SHA-1 digest is: 34da2dcbc8d45362f1d5e3b1b218112a729ae1c3

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)

iQEcBAEBAgAGBQJPqtkzAAoJEGnF2JsdZQeee2MIAKAcBIY6k0LU2fDLThFoAgKh WkYpGmCwa7L6n02geHzWrUCK/P/0yGWzDDqLfKlKuKbXdEIRP2wZTlvrqZHLzNO/ nXgz3HN1Xbll8yVXrGMEsoTD23Q+2/ZKLGMlSDw3vgBTVi/g4Rcer4Eew5mTkaoA j4WkrzgVUIxCMrsWMMwu1SVaizBuTYbNVzCzV3JPF1H0zVtVKgwWjhTdOJ/RDksD sjZG1XIEqVyv1rNk5BtjxVPFaJGpf9mcHiH8XyKQ0bC6ToM2r3B++Layoc5k1K0V OxKGSfWOEbWi/KR6vlXyVbe7JnU7a/V0C25HXhnoMEtoTCleZACEByLVtBC87LU= =6Eiz -----END PGP SIGNATURE----- . Apple has released updates to address these vulnerabilities.

I. Apple has released updates to address these vulnerabilities.

II.

III. This advisory describes any known issues related to the updates and the specific impacts for each vulnerability. Administrators are encouraged to note these issues and impacts and test for any potentially adverse effects before wide-scale deployment.

IV. Please send email to cert@cert.org with "TA11-286A Feedback VU#421739" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.

Produced 2011 by US-CERT, a government organization.

 <http://www.us-cert.gov/legal.html>

Revision History

October 13, 2011: Initial release

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTpb8zj/GkGVXE7GMAQI21Af/SHWzIangqPW9vtuG/MQWSBMy9nG4wIZS DUEAWBEMPTKF3fLrIy6TVpRLN3q/q4dCYXzM4lec4IzKvEbV/bUyg15xEfYdxB0v s/vARGNwf7tjSbjo+PaHLuSZ1HLn/GLO3CXaf+ut/Kb8y9Fsir5klMgrCX/N0JkY dLoV9R6zGs1aQzmF9ULB1IQ2/lUkg6CGnyARh0prfhRFwKfu7NZXb8yz5ex68q6V NF6j9l+XK0Cl4K7R+0ESD4e47jLCg6iN175O8VzrlxiRvBRAyTaFycdMB4uSkmii xu8SqU2QFhsIJy8J+i1Bb6kuWkaxAnUbxO4tRrmXoqTXl9m0CtpnWA== =3Wp2 -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201110-0207",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.7.1"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.7.0"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.7.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.7.0"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.7.4"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.7.4"
      },
      {
        "model": "mac os x server",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.7"
      },
      {
        "model": "mac os x",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.7"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.7.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.7"
      },
      {
        "model": "mac os",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.7.2"
      },
      {
        "model": "mac os server",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.7.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.7.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.6"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "50085"
      },
      {
        "db": "BID",
        "id": "50109"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201110-308"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3212"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Anonymous, Apple, Will Dormann of the CERT/CC, Steven Michaud of Mozilla, Martin Tessarek, Steve Riggins of Geeks R Us, Justin C. Walker, Stephen Creswell, Erling Ellingsen of Facebook, Clint Tseng of the University of Washington, Michael\nKobb, Adam Kemp,",
    "sources": [
      {
        "db": "BID",
        "id": "50085"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-3212",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2011-3212",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-51157",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-3212",
            "trust": 1.0,
            "value": "LOW"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-3212",
            "trust": 0.8,
            "value": "Low"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201110-308",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-51157",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-51157"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201110-308"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3212"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device. \nThe update addresses new vulnerabilities that affect Application Firewall, ATS, CFNetwork, CoreMedia, CoreProcesses, CoreStorage, File Systems, IOGraphics, Kernel, MediaKit, Open Directory, QuickTime, SMB File Server, User Documentation, and libsecurity. Apple Mac OS X is prone to an information-disclosure vulnerability. \nA local attacker can exploit this issue to retrieve arbitrary files from the vulnerable computer. Information obtained may aid in further attacks. \nApple Mac OS X 10.7 and 10.7.1 are vulnerable. \nNOTE: This issue was previously discussed in BID 50085 (Apple Mac OS X Prior to 10.7.2 Multiple Security Vulnerabilities) but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-05-09-1 OS X Lion v10.7.4 and Security Update 2012-002\n\nOS X Lion v10.7.4 and Security Update 2012-002 is now available and\naddresses the following:\n\nLogin Window\nAvailable for:  OS X Lion v10.7.3, OS X Lion Server v10.7.3\nImpact:  Remote admins and persons with physical access to the system\nmay obtain account information\nDescription:  An issue existed in the handling of network account\nlogins. The login process recorded sensitive information in the\nsystem log, where other users of the system could read it. The\nsensitive information may persist in saved logs after installation of\nthis update. See http://support.apple.com/kb/TS4272 for more\ninformation on how to securely remove any remaining records. This\nissue only affects systems running OS X Lion v10.7.3 with users of\nLegacy File Vault and/or networked home directories. \nCVE-ID\nCVE-2012-0652 : Terry Reeves and Tim Winningham of the Ohio State\nUniversity, Markus \u0027Jaroneko\u0027 Raty of the Finnish Academy of Fine\nArts, Jaakko Pero of Aalto University, Mark Cohen of Oregon State\nUniversity, Paul Nelson\n\nBluetooth\nAvailable for:  OS X Lion v10.7 to v10.7.3,\nOS X Lion Server v10.7 to v10.7.3\nImpact:  A local user may be able to execute arbitrary code with\nsystem privileges\nDescription:  A temporary file race condition issue existed in\nblued\u0027s initialization routine. \nCVE-ID\nCVE-2012-0649 : Aaron Sigel of vtty.com\n\ncurl\nAvailable for:  Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3\nImpact:  An attacker may be able to decrypt data protected by SSL\nDescription:  There are known attacks on the confidentiality of SSL\n3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. \ncurl disabled the \u0027empty fragment\u0027 countermeasure which prevented\nthese attacks. This issue is addressed by enabling empty fragments. \nCVE-ID\nCVE-2011-3389 : Apple\n\ncurl\nAvailable for:  OS X Lion v10.7 to v10.7.3,\nOS X Lion Server v10.7 to v10.7.3\nImpact:  Using curl or libcurl with a maliciously crafted URL may\nlead to protocol-specific data injection attacks\nDescription:  A data injection issue existed in curl\u0027s handling of\nURLs. This issue is addressed through improved validation of URLs. By sending a maliciously\ncrafted message, a remote attacker could cause the directory server\nto disclose memory from its address space, potentially revealing\naccount credentials or other sensitive information. The Directory Server is disabled by\ndefault in non-server installations of OS X. \nCVE-ID\nCVE-2012-0651 : Agustin Azubel\n\nHFS\nAvailable for:  OS X Lion v10.7 to v10.7.3,\nOS X Lion Server v10.7 to v10.7.3\nImpact:  Mounting a maliciously crafted disk image may lead to a\nsystem shutdown or arbitrary code execution\nDescription:  An integer underflow existed in the handling of HFS\ncatalog files. \nCVE-ID\nCVE-2012-0642 : pod2g\n\nImageIO\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact:  Viewing a maliciously crafted TIFF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in ImageIO\u0027s handling of\nCCITT Group 4 encoded TIFF files. Further information is available via the libpng website\nat http://www.libpng.org/pub/png/libpng.html\nCVE-ID\nCVE-2011-2692\nCVE-2011-3328\n\nImageIO\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact:  Viewing a maliciously crafted TIFF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in libtiff\u0027s handling of\nThunderScan encoded TIFF images. This issue is addressed by updating\nlibtiff to version 3.9.5. This issue is addressed through improved\nhandling of the sleep image, and by overwriting the existing sleep\nimage when updating to OS X v10.7.4. \nCVE-ID\nCVE-2011-3212 : Felix Groebert of Google Security Team\n\nlibarchive\nAvailable for:  Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3\nImpact:  Extracting a maliciously crafted archive may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple buffer overflows existed in the handling of\ntar archives and iso9660 files. \nCVE-ID\nCVE-2011-1777\nCVE-2011-1778\n\nlibsecurity\nAvailable for:  Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3\nImpact:  Verifying a maliciously crafted X.509 certificate, such as\nwhen visiting a maliciously crafted website, may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  An uninitialized memory access issue existed in the\nhandling of X.509 certificates. \nCVE-ID\nCVE-2012-0654 : Dirk-Willem van Gulik of WebWeaving.org, Guilherme\nPrado of Conselho da Justica Federal, Ryan Sleevi of Google\n\nlibsecurity\nAvailable for:  Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3\nImpact:  Support for X.509 certificates with insecure-length RSA keys\nmay expose users to spoofing and information disclosure\nDescription:  Certificates signed using RSA keys with insecure key\nlengths were accepted by libsecurity. This issue is addressed by\nrejecting certificates containing RSA keys less than 1024 bits. \nCVE-ID\nCVE-2012-0655\n\nlibxml\nAvailable for:  Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3\nImpact:  Viewing a maliciously crafted web page may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple vulnerabilities existed in libxml, the most\nserious of which may lead to an unexpected application termination or\narbitrary code execution. These issues are addressed by applying the\nrelevant upstream patches. \nCVE-ID\nCVE-2011-1944 : Chris Evans of Google Chrome Security Team\nCVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of\nChinese Academy of Sciences\nCVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of\nChinese Academy of Sciences\nCVE-2011-3919 : Juri Aedla\n\nLoginUIFramework\nAvailable for:  OS X Lion v10.7 to v10.7.3,\nOS X Lion Server v10.7 to v10.7.3\nImpact:  If the Guest user is enabled, a user with physical access to\nthe computer may be able to log in to a user other than the Guest\nuser without entering a password\nDescription:  A race condition existed in the handling of Guest user\nlogins. \nCVE-ID\nCVE-2012-0656 : Francisco Gomez (espectalll123)\n\nPHP\nAvailable for:  OS X Lion v10.7 to v10.7.3,\nOS X Lion Server v10.7 to v10.7.3\nImpact:  Multiple vulnerabilities in PHP\nDescription:  PHP is updated to version 5.3.10 to address several\nvulnerabilities, the most serious of which may lead to arbitrary code\nexecution. Further information is available via the PHP web site at\nhttp://www.php.net\nCVE-ID\nCVE-2011-4566\nCVE-2011-4885\nCVE-2012-0830\n\nQuartz Composer\nAvailable for:  Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3\nImpact:  A user with physical access to the computer may be able to\ncause Safari to launch if the screen is locked and the RSS Visualizer\nscreen saver is used\nDescription:  An access control issue existed in Quartz Composer\u0027s\nhandling of screen savers. This issue is addressed through improved\nchecking for whether or not the screen is locked. \nCVE-ID\nCVE-2012-0657 : Aaron Sigel of vtty.com\n\nQuickTime\nAvailable for:  Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3\nImpact:  Viewing a maliciously crafted movie file during progressive\ndownload may lead to an unexpected application termination or\narbitrary code execution\nDescription:  A buffer overflow existed in the handling of audio\nsample tables. \nCVE-ID\nCVE-2012-0658 : Luigi Auriemma working with HP\u0027s Zero Day Initiative\n\nQuickTime\nAvailable for:  Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3\nImpact:  Viewing a maliciously crafted MPEG file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  An integer overflow existed in the handling of MPEG\nfiles. \nCVE-ID\nCVE-2012-0659 : An anonymous researcher working with HP\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for:  Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3\nImpact:  Viewing a maliciously crafted MPEG file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer underflow existed in the handling of MPEG\nfiles. \nCVE-ID\nCVE-2012-0660 : Justin Kim at Microsoft and Microsoft Vulnerability\nResearch\n\nQuickTime\nAvailable for:  OS X Lion v10.7 to v10.7.3,\nOS X Lion Server v10.7 to v10.7.3\nImpact:  Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A use after free issue existed in the handling of\nJPEG2000 encoded movie files. \nCVE-ID\nCVE-2011-1004\nCVE-2011-1005\nCVE-2011-4815\n\nSamba\nAvailable for:  Mac OS X 10.6.8, Mac OS X Server 10.6.8\nImpact:  If SMB file sharing is enabled, an unauthenticated remote\nattacker may cause a denial of service or arbitrary code execution\nwith system privileges\nDescription:  Multiple buffer overflows existed in Samba\u0027s handling\nof remote procedure calls. By sending a maliciously crafted packet,\nan unauthenticated remote attacker could cause a denial of service or\narbitrary code execution with system privileges. \nCVE-ID\nCVE-2012-0870 : Andy Davis of NGS Secure\nCVE-2012-1182 : An anonymous researcher working with HP\u0027s Zero Day\nInitiative\n\nSecurity Framework\nAvailable for:  Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3\nImpact:  A remote attacker may cause an unexpected application\ntermination or arbitrary code execution\nDescription:  An integer overflow existed in the Security framework. \nProcessing untrusted input with the Security framework could result\nin memory corruption. This issue does not affect 32-bit processes. \nCVE-ID\nCVE-2012-0662 : aazubel working with HP\u0027s Zero Day Initiative\n\nTime Machine\nAvailable for:  OS X Lion v10.7 to v10.7.3,\nOS X Lion Server v10.7 to v10.7.3\nImpact:  A remote attacker may access a user\u0027s Time Machine backup\ncredentials\nDescription:  The user may designate a Time Capsule or remote AFP\nvolume attached to an AirPort Base Station to be used for Time\nMachine backups. Beginning with AirPort Base Station and Time Capsule\nFirmware Update 7.6, Time Capsules and Base Stations support a secure\nSRP-based authentication mechanism over AFP. However, Time Machine\ndid not require that the SRP-based authentication mechanism was used\nfor subsequent backup operations, even if Time Machine was initially\nconfigured or had ever contacted a Time Capsule or Base Station that\nsupported it. An attacker who is able to spoof the remote volume\ncould gain access to user\u0027s Time Capsule credentials, although not\nbackup data, sent by the user\u0027s system. This issue is addressed by\nrequiring use of the SRP-based authentication mechanism if the backup\ndestination has ever supported it. \nCVE-ID\nCVE-2012-0675 : Renaud Deraison of Tenable Network Security, Inc. \n\nX11\nAvailable for:  OS X Lion v10.7 to v10.7.3,\nOS X Lion Server v10.7 to v10.7.3\nImpact:  Applications that use libXfont to process LZW-compressed\ndata may be vulnerable to an unexpected application termination or\narbitrary code execution\nDescription:  A buffer overflow existed in libXfont\u0027s handling of\nLZW-compressed data. This issue is addressed by updating libXfont to\nversion 1.4.4. \nCVE-ID\nCVE-2011-2895 : Tomas Hoger of Red Hat\n\n\nNote: Additionally, this update filters dynamic linker environment\nvariables from a customized environment property list in the user\u0027s\nhome directory, if present. \n\n\nOS X Lion v10.7.4 and Security Update 2012-002 may be obtained from\nthe Software Update pane in System Preferences, or Apple\u0027s Software\nDownloads web site:\nhttp://www.apple.com/support/downloads/\n\nThe Software Update utility will present the update that applies\nto your system configuration. \n\nFor OS X Lion v10.7.3\nThe download file is named: MacOSXUpd10.7.4.dmg\nIts SHA-1 digest is: 04c53a6148ebd8c5733459620b7c1e2172352d36\n\nFor OS X Lion v10.7 and v10.7.2\nThe download file is named: MacOSXUpdCombo10.7.4.dmg\nIts SHA-1 digest is: b11d511a50d9b728532688768fcdee9c1930037f\n\nFor OS X Lion Server v10.7.3\nThe download file is named: MacOSXServerUpd10.7.4.dmg\nIts SHA-1 digest is: 3cb5699c8ecf7d70145f3692555557f7206618b2\n\nFor OS X Lion Server v10.7 and v10.7.2\nThe download file is named: MacOSXServerUpdCombo10.7.4.dmg\nIts SHA-1 digest is: 917207e922056718b9924ef73caa5fcac06b7240\n\nFor Mac OS X v10.6.8\nThe download file is named: SecUpd2012-002Snow.dmg\nIts SHA-1 digest is: 9669fbd9952419e70ac20109cf4db37f9932e9f8\n\nFor Mac OS X Server v10.6.8\nThe download file is named: SecUpdSrvr2012-002.dmg\nIts SHA-1 digest is: 34da2dcbc8d45362f1d5e3b1b218112a729ae1c3\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJPqtkzAAoJEGnF2JsdZQeee2MIAKAcBIY6k0LU2fDLThFoAgKh\nWkYpGmCwa7L6n02geHzWrUCK/P/0yGWzDDqLfKlKuKbXdEIRP2wZTlvrqZHLzNO/\nnXgz3HN1Xbll8yVXrGMEsoTD23Q+2/ZKLGMlSDw3vgBTVi/g4Rcer4Eew5mTkaoA\nj4WkrzgVUIxCMrsWMMwu1SVaizBuTYbNVzCzV3JPF1H0zVtVKgwWjhTdOJ/RDksD\nsjZG1XIEqVyv1rNk5BtjxVPFaJGpf9mcHiH8XyKQ0bC6ToM2r3B++Layoc5k1K0V\nOxKGSfWOEbWi/KR6vlXyVbe7JnU7a/V0C25HXhnoMEtoTCleZACEByLVtBC87LU=\n=6Eiz\n-----END PGP SIGNATURE-----\n. Apple has\n   released updates to address these vulnerabilities. \n\n\nI. Apple has released updates to address these\n   vulnerabilities. \n\n\nII. \n\n\nIII. This advisory describes any known issues related to the\n   updates and the specific impacts for each vulnerability. \n   Administrators are encouraged to note these issues and impacts and\n   test for any potentially adverse effects before wide-scale\n   deployment. \n\n\nIV. Please send\n   email to \u003ccert@cert.org\u003e with \"TA11-286A Feedback VU#421739\" in\n   the subject. \n ____________________________________________________________________\n\n   For instructions on subscribing to or unsubscribing from this\n   mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n   Produced 2011 by US-CERT, a government organization. \n\n   Terms of use:\n\n     \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n  October 13, 2011: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTpb8zj/GkGVXE7GMAQI21Af/SHWzIangqPW9vtuG/MQWSBMy9nG4wIZS\nDUEAWBEMPTKF3fLrIy6TVpRLN3q/q4dCYXzM4lec4IzKvEbV/bUyg15xEfYdxB0v\ns/vARGNwf7tjSbjo+PaHLuSZ1HLn/GLO3CXaf+ut/Kb8y9Fsir5klMgrCX/N0JkY\ndLoV9R6zGs1aQzmF9ULB1IQ2/lUkg6CGnyARh0prfhRFwKfu7NZXb8yz5ex68q6V\nNF6j9l+XK0Cl4K7R+0ESD4e47jLCg6iN175O8VzrlxiRvBRAyTaFycdMB4uSkmii\nxu8SqU2QFhsIJy8J+i1Bb6kuWkaxAnUbxO4tRrmXoqTXl9m0CtpnWA==\n=3Wp2\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-3212"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      },
      {
        "db": "BID",
        "id": "50085"
      },
      {
        "db": "BID",
        "id": "50109"
      },
      {
        "db": "VULHUB",
        "id": "VHN-51157"
      },
      {
        "db": "PACKETSTORM",
        "id": "112595"
      },
      {
        "db": "PACKETSTORM",
        "id": "105790"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-3212",
        "trust": 3.2
      },
      {
        "db": "BID",
        "id": "50085",
        "trust": 1.4
      },
      {
        "db": "OSVDB",
        "id": "76362",
        "trust": 1.1
      },
      {
        "db": "USCERT",
        "id": "TA11-286A",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002478",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201110-308",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "19592",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "46417",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2011-10-12-3",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "50109",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-51157",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "112595",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "105790",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-51157"
      },
      {
        "db": "BID",
        "id": "50085"
      },
      {
        "db": "BID",
        "id": "50109"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      },
      {
        "db": "PACKETSTORM",
        "id": "112595"
      },
      {
        "db": "PACKETSTORM",
        "id": "105790"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201110-308"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3212"
      }
    ]
  },
  "id": "VAR-201110-0207",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-51157"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T19:40:44.818000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT5002",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5002"
      },
      {
        "title": "HT5281",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5281"
      },
      {
        "title": "MacOSXUpd10.7.2",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=40902"
      },
      {
        "title": "MacOSXServerUpd10.7.2",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=40901"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201110-308"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-310",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-51157"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3212"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00003.html"
      },
      {
        "trust": 1.7,
        "url": "http://support.apple.com/kb/ht5002"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2012/may/msg00001.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/50085"
      },
      {
        "trust": 1.1,
        "url": "http://support.apple.com/kb/ht5281"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/76362"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3212"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu692779/"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu971123"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/cert/jvnta11-286a"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3212"
      },
      {
        "trust": 0.8,
        "url": "http://www.us-cert.gov/cas/techalerts/ta11-286a.html"
      },
      {
        "trust": 0.6,
        "url": "http://www.apple.com/macosx/"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/46417"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19592"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0036"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0658"
      },
      {
        "trust": 0.1,
        "url": "http://www.php.net"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1167"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1005"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0651"
      },
      {
        "trust": 0.1,
        "url": "http://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0656"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0642"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0655"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4885"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2834"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0657"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/support/downloads/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3919"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0649"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2692"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0652"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1944"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1004"
      },
      {
        "trust": 0.1,
        "url": "http://support.apple.com/kb/ts4272"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2895"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0241"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1777"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4566"
      },
      {
        "trust": 0.1,
        "url": "http://www.libpng.org/pub/png/libpng.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4815"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1778"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3212"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0654"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3328"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2821"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta11-286a.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://support.apple.com/kb/ht1338\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://support.apple.com/kb/ht5002\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/signup.html\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-51157"
      },
      {
        "db": "BID",
        "id": "50085"
      },
      {
        "db": "BID",
        "id": "50109"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      },
      {
        "db": "PACKETSTORM",
        "id": "112595"
      },
      {
        "db": "PACKETSTORM",
        "id": "105790"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201110-308"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3212"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-51157"
      },
      {
        "db": "BID",
        "id": "50085"
      },
      {
        "db": "BID",
        "id": "50109"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      },
      {
        "db": "PACKETSTORM",
        "id": "112595"
      },
      {
        "db": "PACKETSTORM",
        "id": "105790"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201110-308"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3212"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-10-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-51157"
      },
      {
        "date": "2011-10-12T00:00:00",
        "db": "BID",
        "id": "50085"
      },
      {
        "date": "2011-10-12T00:00:00",
        "db": "BID",
        "id": "50109"
      },
      {
        "date": "2011-10-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      },
      {
        "date": "2012-05-10T15:19:38",
        "db": "PACKETSTORM",
        "id": "112595"
      },
      {
        "date": "2011-10-14T05:50:20",
        "db": "PACKETSTORM",
        "id": "105790"
      },
      {
        "date": "2011-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201110-308"
      },
      {
        "date": "2011-10-14T10:55:08.307000",
        "db": "NVD",
        "id": "CVE-2011-3212"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-05-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-51157"
      },
      {
        "date": "2011-10-12T00:00:00",
        "db": "BID",
        "id": "50085"
      },
      {
        "date": "2011-10-12T00:00:00",
        "db": "BID",
        "id": "50109"
      },
      {
        "date": "2012-05-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      },
      {
        "date": "2011-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201110-308"
      },
      {
        "date": "2024-11-21T01:29:59.557000",
        "db": "NVD",
        "id": "CVE-2011-3212"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "50109"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201110-308"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Mac OS X of  CoreStorage and  Kernel Vulnerability in which important information is obtained",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002478"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "50085"
      },
      {
        "db": "BID",
        "id": "50109"
      }
    ],
    "trust": 0.6
  }
}

ghsa-7v4c-c7w2-j55x

Vulnerability from github

Published

2022-05-17 05:30

Modified

2022-05-17 05:30

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-3212"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-10-14T10:55:00Z",
    "severity": "LOW"
  },
  "details": "CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device.",
  "id": "GHSA-7v4c-c7w2-j55x",
  "modified": "2022-05-17T05:30:37Z",
  "published": "2022-05-17T05:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3212"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/76362"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5002"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5281"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/50085"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2011-3212

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2011-3212

Aliases

CVE-2011-3212

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-3212",
    "description": "CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device.",
    "id": "GSD-2011-3212"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-3212"
      ],
      "details": "CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device.",
      "id": "GSD-2011-3212",
      "modified": "2023-12-13T01:19:09.377250Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2011-3212",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "76362",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/76362"
          },
          {
            "name": "APPLE-SA-2011-10-12-3",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "name": "http://support.apple.com/kb/HT5002",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5002"
          },
          {
            "name": "http://support.apple.com/kb/HT5281",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5281"
          },
          {
            "name": "APPLE-SA-2012-05-09-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
          },
          {
            "name": "50085",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/50085"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-3212"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-310"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2011-10-12-3",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5002",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT5002"
            },
            {
              "name": "76362",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/76362"
            },
            {
              "name": "50085",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/50085"
            },
            {
              "name": "http://support.apple.com/kb/HT5281",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT5281"
            },
            {
              "name": "APPLE-SA-2012-05-09-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2012-05-12T03:40Z",
      "publishedDate": "2011-10-14T10:55Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2011-3212

Vulnerability from cvelistv5

var-201110-0207

Vulnerability from variot

ghsa-7v4c-c7w2-j55x

Vulnerability from github

gsd-2011-3212

Vulnerability from gsd

Tags

Sightings

Nomenclature