Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2011-3446 (GCVE-0-2011-3446)
Vulnerability from cvelistv5
Published
2012-02-02 18:00
Modified
2024-09-16 18:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:47.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5130"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-02-02T18:00:00Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5130"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-3446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT5130",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5130"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2011-3446",
"datePublished": "2012-02-02T18:00:00Z",
"dateReserved": "2011-09-13T00:00:00Z",
"dateUpdated": "2024-09-16T18:04:19.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2011-3446\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2012-02-02T18:55:01.067\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.\"},{\"lang\":\"es\",\"value\":\"Apple Type Services (ATS) en Apple Mac OS X antes de v10.7.3 no maneja correctamente la memoria para archivos de datos-fuente, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n causar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una fuente de letra manipulada que es accedida por Font Book.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.7.2\",\"matchCriteriaId\":\"B52C3912-5F34-4C5C-9B02-953C5DE8DE49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8961F444-48C4-4B54-829B-A1A2D0F2716C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09A0FA11-6211-4962-A6E0-F00732818012\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.7.2\",\"matchCriteriaId\":\"19E02215-21EA-41A7-B977-01CE5CB2424F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38823717-65A1-4587-8F05-32EA9A01084C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD4E77C-3F87-476B-BB66-75EECDFDB18E\"}]}]}],\"references\":[{\"url\":\"http://support.apple.com/kb/HT5130\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT5130\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
fkie_cve-2011-3446
Vulnerability from fkie_nvd
Published
2012-02-02 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| apple | mac_os_x | 10.7.0 | |
| apple | mac_os_x | 10.7.1 | |
| apple | mac_os_x_server | * | |
| apple | mac_os_x_server | 10.7.0 | |
| apple | mac_os_x_server | 10.7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B52C3912-5F34-4C5C-9B02-953C5DE8DE49",
"versionEndIncluding": "10.7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8961F444-48C4-4B54-829B-A1A2D0F2716C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "09A0FA11-6211-4962-A6E0-F00732818012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19E02215-21EA-41A7-B977-01CE5CB2424F",
"versionEndIncluding": "10.7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38823717-65A1-4587-8F05-32EA9A01084C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD4E77C-3F87-476B-BB66-75EECDFDB18E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book."
},
{
"lang": "es",
"value": "Apple Type Services (ATS) en Apple Mac OS X antes de v10.7.3 no maneja correctamente la memoria para archivos de datos-fuente, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n causar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una fuente de letra manipulada que es accedida por Font Book."
}
],
"id": "CVE-2011-3446",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-02-02T18:55:01.067",
"references": [
{
"source": "product-security@apple.com",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5130"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201202-0147
Vulnerability from variot
Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book. Attackers can exploit this issue by enticing an unsuspecting user to open a malicious font file in the Font Book application. An attacker could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. This issue affects Mac OS X 10.6.8, Mac OS X Server 10.6.8, Mac OS X Lion 10.7 to 10.7.2 and Mac OS X Lion Server 10.7 to 10.7.2. ----------------------------------------------------------------------
SC Magazine awards the Secunia CSI a 5-Star rating Top-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296
TITLE: Apple Mac OS X Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA47843
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47843/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47843
RELEASE DATE: 2012-02-03
DISCUSS ADVISORY: http://secunia.com/advisories/47843/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47843/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47843
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
1) The Address Book component downgrades to an unencrypted connection when an encrypted connection fails. This can be exploited to intercept CardDAV data.
2) An error in the bundled version of Apache can be exploited to cause a temporary DoS (Denial of Service).
For more information: SA46013
3) A design error in Apache within the Secure Sockets Layer 3.0 (SSL) and Transport Layer Security 1.0 (TLS) protocols when using a block cipher in CBC mode can be exploited to decrypt data protected by SSL.
5) An error in CFNetwork when handling URLs can be exploited to disclose sensitive information via a specially crafted web page as a request could be sent to an incorrect origin server.
6) An error in CFNetwork when handling URLs can be exploited to disclose sensitive information via a specially crafted web page as unexpected request headers could be sent.
7) An integer overflow error in ColorSync when handling images with embedded ColorSync profiles can be exploited to cause a heap-based buffer overflow via a specially crafted image.
8) An error in CoreAudio when handling AAC encoded audio streams can be exploited to cause a buffer overflow when playing specially crafted audio content.
9) An error in CoreMedia when handling H.264 encoded movies can be exploited to cause a heap-based buffer overflow.
10) A use-after-free error in CoreText when handling documents containing fonts can be exploited to dereference already freed memory via a specially crafted font.
11) An error exists in CoreUI when handling long URLs and can be exploited via a specially crafted website.
12) An error in curl can be exploited by remote servers to impersonate clients via GSSAPI requests.
For more information: SA45067
13) Two of the certificate authorities in the list of trusted root certificates have issued intermediate certificates to DigiCert Malaysia, who has issued certificates with weak keys that cannot be revoked.
14) A design error in dovecot within the Secure Sockets Layer 3.0 (SSL) and Transport Layer Security 1.0 (TLS) protocols when using a block cipher in CBC mode can be exploited to decrypt data protected by SSL.
15) An error in the uncompress command line tool when decompressing compressed files can be exploited to cause a buffer overflow.
For more information: SA45544
16) An error in ImageIO when parsing TIFF images can be exploited to cause a buffer overflow.
For more information see vulnerability #9: SA45325
17) An error in ImageIO when handling ThunderScan encoded TIFF images can be exploited to cause a buffer overflow.
For more information see vulnerability #2: SA43593:
18) An error exists in the bundled version of libpng.
For more information: SA46148
19) An error in Internet Sharing may cause the used Wi-Fi configuration to revert to factory defaults (e.g. disabling the WEP password) after a system update.
20) An error in Libinfo can be exploited to disclose sensitive information via a specially crafted website.
For more information see vulnerability #4: SA46747
21) An integer overflow error in libresolv when parsing DNS resource records can be exploited to cause a heap-based buffer overflow.
22) An error in libsecurity may cause some EV certificates to be trusted even when the corresponding root is marked untrusted.
23) Multiple errors in OpenGL when handling GLSL compilation can be exploited to corrupt memory.
24) Multiple errors exist in the bundled version of PHP.
For more information: SA44874 SA45678
25) Various errors in FreeType when handling Type 1 fonts can be exploited to corrupt memory.
For more information: SA46575
26) An error in QuickTime when parsing MP4 encoded files can be exploited to access uninitialised memory.
27) A signedness error in QuickTime when handling font tables embedded in movie files can be exploited to corrupt memory.
28) An off-by-one error in QuickTime when handling rdrf atoms in movie files can be exploited to cause a single byte buffer overflow.
29) An error in QuickTime when parsing JPEG2000 images can be exploited to cause a buffer overflow.
30) An error in QuickTime when parsing PNG images can be exploited to cause a buffer overflow.
31) An error in QuickTime when handling FLC encoded movie files can be exploited to cause a buffer overflow.
32) Multiple errors exists in the bundled version of SquirrelMail.
For more information: SA40307 SA45197
33) Various errors exist in the bundled version of Subversion.
For more information: SA44681
34) Time Machine does not verify that a designated remote AFP volume or Time Capsule is used for subsequent backups. This can be exploited to access backups by spoofing the remote volume.
35) Errors exist in the bundled version of Tomcat.
For more information: SA44981
36) An error in WebDAV Sharing when handling user authentication can be exploited by local users to gain escalated privileges.
37) An error exists in the bundled version of Webmail.
For more information: SA45605
SOLUTION: Update to OS X Lion version 10.7.3 or apply Security Update 2012-001.
PROVIDED AND/OR DISCOVERED BY: 4, 10) Will Dormann, CERT/CC
The vendor also credits: 1) Bernard Desruisseaux, Oracle Corporation 5, 6) Erling Ellingsen, Facebook 7) binaryproof via ZDI 8, 27, 28, 29, 30) Luigi Auriemma via ZDI 9) Scott Stender, iSEC Partners 11) Ben Syverson 19) An anonymous person 21) Ilja van Sprundel, IOActive 22) Alastair Houghton 23) Chris Evans, Google Chrome Security Team and Marc Schoenefeld, Red Hat Security Response Team 26) Luigi Auriemma via ZDI and pa_kt via ZDI 31) Matt "j00ru" Jurczyk via ZDI 34) Michael Roitzsch, Technische Universit\xe4t Dresden 36) Gordon Davisson, Crywolf
ORIGINAL ADVISORY: Apple Security Update 2012-001: http://support.apple.com/kb/HT5130
US-CERT: http://www.kb.cert.org/vuls/id/403593 http://www.kb.cert.org/vuls/id/410281
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201202-0147",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple",
"version": null
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.7.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.7.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.7.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.7.0"
},
{
"model": "mac os x server",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.7.2"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.7.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7 to v10.7.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7 to v10.7.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.7.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.7.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#410281"
},
{
"db": "CERT/CC",
"id": "VU#403593"
},
{
"db": "BID",
"id": "51832"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001281"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-050"
},
{
"db": "NVD",
"id": "CVE-2011-3446"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001281"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Will Dormann of CERT.",
"sources": [
{
"db": "BID",
"id": "51832"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-050"
}
],
"trust": 0.9
},
"cve": "CVE-2011-3446",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-3446",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#410281",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#403593",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-51391",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-3446",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#410281",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#403593",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-3446",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201202-050",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-51391",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#410281"
},
{
"db": "CERT/CC",
"id": "VU#403593"
},
{
"db": "VULHUB",
"id": "VHN-51391"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001281"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-050"
},
{
"db": "NVD",
"id": "CVE-2011-3446"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book. \nAttackers can exploit this issue by enticing an unsuspecting user to open a malicious font file in the Font Book application. \nAn attacker could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. \nThis issue affects Mac OS X 10.6.8, Mac OS X Server 10.6.8, Mac OS X Lion 10.7 to 10.7.2 and\nMac OS X Lion Server 10.7 to 10.7.2. ----------------------------------------------------------------------\n\nSC Magazine awards the Secunia CSI a 5-Star rating\nTop-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296 \n\n----------------------------------------------------------------------\n\nTITLE:\nApple Mac OS X Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA47843\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47843/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47843\n\nRELEASE DATE:\n2012-02-03\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47843/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47843/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47843\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nApple has issued a security update for Mac OS X, which fixes multiple\nvulnerabilities. \n\n1) The Address Book component downgrades to an unencrypted connection\nwhen an encrypted connection fails. This can be exploited to intercept\nCardDAV data. \n\n2) An error in the bundled version of Apache can be exploited to\ncause a temporary DoS (Denial of Service). \n\nFor more information:\nSA46013\n\n3) A design error in Apache within the Secure Sockets Layer 3.0 (SSL)\nand Transport Layer Security 1.0 (TLS) protocols when using a block\ncipher in CBC mode can be exploited to decrypt data protected by\nSSL. \n\n5) An error in CFNetwork when handling URLs can be exploited to\ndisclose sensitive information via a specially crafted web page as a\nrequest could be sent to an incorrect origin server. \n\n6) An error in CFNetwork when handling URLs can be exploited to\ndisclose sensitive information via a specially crafted web page as\nunexpected request headers could be sent. \n\n7) An integer overflow error in ColorSync when handling images with\nembedded ColorSync profiles can be exploited to cause a heap-based\nbuffer overflow via a specially crafted image. \n\n8) An error in CoreAudio when handling AAC encoded audio streams can\nbe exploited to cause a buffer overflow when playing specially\ncrafted audio content. \n\n9) An error in CoreMedia when handling H.264 encoded movies can be\nexploited to cause a heap-based buffer overflow. \n\n10) A use-after-free error in CoreText when handling documents\ncontaining fonts can be exploited to dereference already freed memory\nvia a specially crafted font. \n\n11) An error exists in CoreUI when handling long URLs and can be\nexploited via a specially crafted website. \n\n12) An error in curl can be exploited by remote servers to\nimpersonate clients via GSSAPI requests. \n\nFor more information:\nSA45067\n\n13) Two of the certificate authorities in the list of trusted root\ncertificates have issued intermediate certificates to DigiCert\nMalaysia, who has issued certificates with weak keys that cannot be\nrevoked. \n\n14) A design error in dovecot within the Secure Sockets Layer 3.0\n(SSL) and Transport Layer Security 1.0 (TLS) protocols when using a\nblock cipher in CBC mode can be exploited to decrypt data protected\nby SSL. \n\n15) An error in the uncompress command line tool when decompressing\ncompressed files can be exploited to cause a buffer overflow. \n\nFor more information:\nSA45544\n\n16) An error in ImageIO when parsing TIFF images can be exploited to\ncause a buffer overflow. \n\nFor more information see vulnerability #9:\nSA45325\n\n17) An error in ImageIO when handling ThunderScan encoded TIFF images\ncan be exploited to cause a buffer overflow. \n\nFor more information see vulnerability #2:\nSA43593:\n\n18) An error exists in the bundled version of libpng. \n\nFor more information:\nSA46148\n\n19) An error in Internet Sharing may cause the used Wi-Fi\nconfiguration to revert to factory defaults (e.g. disabling the WEP\npassword) after a system update. \n\n20) An error in Libinfo can be exploited to disclose sensitive\ninformation via a specially crafted website. \n\nFor more information see vulnerability #4:\nSA46747\n\n21) An integer overflow error in libresolv when parsing DNS resource\nrecords can be exploited to cause a heap-based buffer overflow. \n\n22) An error in libsecurity may cause some EV certificates to be\ntrusted even when the corresponding root is marked untrusted. \n\n23) Multiple errors in OpenGL when handling GLSL compilation can be\nexploited to corrupt memory. \n\n24) Multiple errors exist in the bundled version of PHP. \n\nFor more information:\nSA44874\nSA45678\n\n25) Various errors in FreeType when handling Type 1 fonts can be\nexploited to corrupt memory. \n\nFor more information:\nSA46575\n\n26) An error in QuickTime when parsing MP4 encoded files can be\nexploited to access uninitialised memory. \n\n27) A signedness error in QuickTime when handling font tables\nembedded in movie files can be exploited to corrupt memory. \n\n28) An off-by-one error in QuickTime when handling rdrf atoms in\nmovie files can be exploited to cause a single byte buffer overflow. \n\n29) An error in QuickTime when parsing JPEG2000 images can be\nexploited to cause a buffer overflow. \n\n30) An error in QuickTime when parsing PNG images can be exploited to\ncause a buffer overflow. \n\n31) An error in QuickTime when handling FLC encoded movie files can\nbe exploited to cause a buffer overflow. \n\n32) Multiple errors exists in the bundled version of SquirrelMail. \n\nFor more information:\nSA40307\nSA45197\n\n33) Various errors exist in the bundled version of Subversion. \n\nFor more information:\nSA44681\n\n34) Time Machine does not verify that a designated remote AFP volume\nor Time Capsule is used for subsequent backups. This can be exploited\nto access backups by spoofing the remote volume. \n\n35) Errors exist in the bundled version of Tomcat. \n\nFor more information:\nSA44981\n\n36) An error in WebDAV Sharing when handling user authentication can\nbe exploited by local users to gain escalated privileges. \n\n37) An error exists in the bundled version of Webmail. \n\nFor more information:\nSA45605\n\nSOLUTION:\nUpdate to OS X Lion version 10.7.3 or apply Security Update 2012-001. \n\nPROVIDED AND/OR DISCOVERED BY:\n4, 10) Will Dormann, CERT/CC\n\nThe vendor also credits:\n1) Bernard Desruisseaux, Oracle Corporation\n5, 6) Erling Ellingsen, Facebook\n7) binaryproof via ZDI\n8, 27, 28, 29, 30) Luigi Auriemma via ZDI\n9) Scott Stender, iSEC Partners\n11) Ben Syverson\n19) An anonymous person\n21) Ilja van Sprundel, IOActive\n22) Alastair Houghton\n23) Chris Evans, Google Chrome Security Team and Marc Schoenefeld,\nRed Hat Security Response Team\n26) Luigi Auriemma via ZDI and pa_kt via ZDI\n31) Matt \"j00ru\" Jurczyk via ZDI\n34) Michael Roitzsch, Technische Universit\\xe4t Dresden\n36) Gordon Davisson, Crywolf\n\nORIGINAL ADVISORY:\nApple Security Update 2012-001:\nhttp://support.apple.com/kb/HT5130\n\nUS-CERT:\nhttp://www.kb.cert.org/vuls/id/403593\nhttp://www.kb.cert.org/vuls/id/410281\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3446"
},
{
"db": "CERT/CC",
"id": "VU#410281"
},
{
"db": "CERT/CC",
"id": "VU#403593"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001281"
},
{
"db": "BID",
"id": "51832"
},
{
"db": "VULHUB",
"id": "VHN-51391"
},
{
"db": "PACKETSTORM",
"id": "109442"
}
],
"trust": 3.51
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/410281",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://www.kb.cert.org/vuls/id/403593",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#410281"
},
{
"db": "CERT/CC",
"id": "VU#403593"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-3446",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#403593",
"trust": 2.0
},
{
"db": "CERT/CC",
"id": "VU#410281",
"trust": 0.9
},
{
"db": "BID",
"id": "51832",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001281",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201202-050",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "18634",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "47843",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-51391",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109442",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#410281"
},
{
"db": "CERT/CC",
"id": "VU#403593"
},
{
"db": "VULHUB",
"id": "VHN-51391"
},
{
"db": "BID",
"id": "51832"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001281"
},
{
"db": "PACKETSTORM",
"id": "109442"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-050"
},
{
"db": "NVD",
"id": "CVE-2011-3446"
}
]
},
"id": "VAR-201202-0147",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-51391"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:53:58.606000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT5130",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5130"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001281"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3446"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.5,
"url": "http://support.apple.com/kb/ht5130"
},
{
"trust": 1.2,
"url": "http://www.kb.cert.org/vuls/id/403593"
},
{
"trust": 0.8,
"url": "http://developer.apple.com/library/mac/documentation/stringstextfonts/conceptual/coretext_programming/introduction/introduction.html"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3446"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu382755"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu403593"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3446"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/51832"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/18634"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47843"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/410281"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47843/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47843/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/296"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#410281"
},
{
"db": "CERT/CC",
"id": "VU#403593"
},
{
"db": "VULHUB",
"id": "VHN-51391"
},
{
"db": "BID",
"id": "51832"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001281"
},
{
"db": "PACKETSTORM",
"id": "109442"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-050"
},
{
"db": "NVD",
"id": "CVE-2011-3446"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#410281"
},
{
"db": "CERT/CC",
"id": "VU#403593"
},
{
"db": "VULHUB",
"id": "VHN-51391"
},
{
"db": "BID",
"id": "51832"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001281"
},
{
"db": "PACKETSTORM",
"id": "109442"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-050"
},
{
"db": "NVD",
"id": "CVE-2011-3446"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-02T00:00:00",
"db": "CERT/CC",
"id": "VU#410281"
},
{
"date": "2012-02-02T00:00:00",
"db": "CERT/CC",
"id": "VU#403593"
},
{
"date": "2012-02-02T00:00:00",
"db": "VULHUB",
"id": "VHN-51391"
},
{
"date": "2012-02-02T00:00:00",
"db": "BID",
"id": "51832"
},
{
"date": "2012-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001281"
},
{
"date": "2012-02-04T04:42:13",
"db": "PACKETSTORM",
"id": "109442"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-050"
},
{
"date": "2012-02-02T18:55:01.067000",
"db": "NVD",
"id": "CVE-2011-3446"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#410281"
},
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#403593"
},
{
"date": "2012-02-03T00:00:00",
"db": "VULHUB",
"id": "VHN-51391"
},
{
"date": "2015-03-19T07:35:00",
"db": "BID",
"id": "51832"
},
{
"date": "2012-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001281"
},
{
"date": "2012-02-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-050"
},
{
"date": "2024-11-21T01:30:31.383000",
"db": "NVD",
"id": "CVE-2011-3446"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-050"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Mac OS X CoreText embedded font vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#410281"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-050"
}
],
"trust": 0.6
}
}
gsd-2011-3446
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2011-3446",
"description": "Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.",
"id": "GSD-2011-3446"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2011-3446"
],
"details": "Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.",
"id": "GSD-2011-3446",
"modified": "2023-12-13T01:19:09.449028Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-3446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT5130",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5130"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.7.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-3446"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT5130",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.apple.com/kb/HT5130"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2012-02-03T05:00Z",
"publishedDate": "2012-02-02T18:55Z"
}
}
}
CERTA-2012-AVI-054
Vulnerability from certfr_avis
Plusieurs vulnérabilités sont présentes dans Mac OS X Lion.
Description
Plusieurs vulnérabilités existent dans Mac OS X Lion dont certaines, particulièrement critiques, permettent à une personne malintentionnée d'exécuter du code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Mac OS X Lion, versions antérieures à 10.7.3.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eMac OS X Lion, versions ant\u00e9rieures \u00e0 10.7.3.\u003c/p\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s existent dans Mac OS X Lion dont certaines,\nparticuli\u00e8rement critiques, permettent \u00e0 une personne malintentionn\u00e9e\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-1167",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1167"
},
{
"name": "CVE-2011-2202",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2202"
},
{
"name": "CVE-2011-2483",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2483"
},
{
"name": "CVE-2011-0200",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0200"
},
{
"name": "CVE-2011-3459",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3459"
},
{
"name": "CVE-2011-3348",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3348"
},
{
"name": "CVE-2010-4555",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4555"
},
{
"name": "CVE-2011-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3446"
},
{
"name": "CVE-2011-3182",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3182"
},
{
"name": "CVE-2011-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3268"
},
{
"name": "CVE-2011-3453",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3453"
},
{
"name": "CVE-2010-2813",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2813"
},
{
"name": "CVE-2011-3256",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3256"
},
{
"name": "CVE-2011-3444",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3444"
},
{
"name": "CVE-2011-3450",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3450"
},
{
"name": "CVE-2011-1657",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1657"
},
{
"name": "CVE-2011-3422",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3422"
},
{
"name": "CVE-2011-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3449"
},
{
"name": "CVE-2011-3328",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3328"
},
{
"name": "CVE-2011-3249",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3249"
},
{
"name": "CVE-2011-3267",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3267"
},
{
"name": "CVE-2011-1921",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1921"
},
{
"name": "CVE-2011-3448",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3448"
},
{
"name": "CVE-2011-1148",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1148"
},
{
"name": "CVE-2011-3441",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3441"
},
{
"name": "CVE-2011-1783",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1783"
},
{
"name": "CVE-2010-4554",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4554"
},
{
"name": "CVE-2011-3246",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3246"
},
{
"name": "CVE-2011-0241",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0241"
},
{
"name": "CVE-2011-3452",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3452"
},
{
"name": "CVE-2011-2192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2192"
},
{
"name": "CVE-2011-3460",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3460"
},
{
"name": "CVE-2011-3252",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3252"
},
{
"name": "CVE-2011-3248",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3248"
},
{
"name": "CVE-2011-3457",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3457"
},
{
"name": "CVE-2011-3463",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3463"
},
{
"name": "CVE-2011-2937",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2937"
},
{
"name": "CVE-2011-3458",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3458"
},
{
"name": "CVE-2011-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1752"
},
{
"name": "CVE-2011-2895",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2895"
},
{
"name": "CVE-2011-3462",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3462"
},
{
"name": "CVE-2010-1637",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1637"
},
{
"name": "CVE-2011-2204",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2204"
},
{
"name": "CVE-2011-3250",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3250"
},
{
"name": "CVE-2011-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
},
{
"name": "CVE-2011-2023",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2023"
},
{
"name": "CVE-2011-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1938"
},
{
"name": "CVE-2011-3447",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3447"
},
{
"name": "CVE-2011-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3189"
}
],
"initial_release_date": "2012-02-03T00:00:00",
"last_revision_date": "2012-02-03T00:00:00",
"links": [],
"reference": "CERTA-2012-AVI-054",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-02-03T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans \u003cspan class=\"textit\"\u003eMac OS\nX Lion\u003c/span\u003e.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Mac OS X",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT5130 du 01 f\u00e9vrier 2012",
"url": "http://support.apple.com/kb/HT5130"
}
]
}
CERTA-2011-AVI-634
Vulnerability from certfr_avis
Plusieurs vulnérabilités ont été corrigées dans Apple iOS. L'une d'entre elles permet d'exécuter du code arbitraire.
Description
Plusieurs vulnérabilités ont été corrigées dans Apple iOS. Les composants suivants ont été mis à jour :
- CFNetwork ;
- CoreGraphics ;
- Gestion des certificats racines ;
- Kernel ;
- Libinfo ;
- Gestion du verrouillage.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Apple iOS versions antérieures à la version 5.0.1.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eApple iOS versions ant\u00e9rieures \u00e0 la version 5.0.1.\u003c/P\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple iOS. Les\ncomposants suivants ont \u00e9t\u00e9 mis \u00e0 jour\u00a0:\n\n- CFNetwork\u00a0;\n- CoreGraphics\u00a0;\n- Gestion des certificats racines\u00a0;\n- Kernel\u00a0;\n- Libinfo\u00a0;\n- Gestion du verrouillage.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3439",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3439"
},
{
"name": "CVE-2011-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3446"
},
{
"name": "CVE-2011-3440",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3440"
},
{
"name": "CVE-2011-3441",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3441"
},
{
"name": "CVE-2011-3442",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3442"
}
],
"initial_release_date": "2011-11-14T00:00:00",
"last_revision_date": "2011-11-14T00:00:00",
"links": [],
"reference": "CERTA-2011-AVI-634",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple iOS. L\u0027une d\u0027entre\nelles permet d\u0027ex\u00e9cuter du code arbitraire.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Apple iOS",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT5052 du 10 novembre 2011",
"url": "http://support.apple.com/kb/HT5052"
}
]
}
ghsa-9phx-mqvv-pf8c
Vulnerability from github
Published
2022-05-17 05:34
Modified
2022-05-17 05:34
VLAI Severity ?
Details
Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.
{
"affected": [],
"aliases": [
"CVE-2011-3446"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-02-02T18:55:00Z",
"severity": "HIGH"
},
"details": "Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.",
"id": "GHSA-9phx-mqvv-pf8c",
"modified": "2022-05-17T05:34:46Z",
"published": "2022-05-17T05:34:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3446"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5130"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…