cvelistv5 - cve-2009-0012

CVE-2009-0012 (GCVE-0-2009-0012)

Vulnerability from cvelistv5

Published

2009-02-13 00:00

Modified

2024-08-07 04:17

Severity ?

CWE

Summary

Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

fkie_cve-2009-0012

Vulnerability from fkie_nvd

Published

2009-02-13 00:30

Modified

2025-04-09 00:30

Severity ?

Summary

Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.

References

URL	Tags
cve@mitre.org	http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html	Patch, Vendor Advisory
cve@mitre.org	http://osvdb.org/51977
cve@mitre.org	http://secunia.com/advisories/33937	Vendor Advisory
cve@mitre.org	http://support.apple.com/kb/HT3438
cve@mitre.org	http://www.securityfocus.com/bid/33759
cve@mitre.org	http://www.securityfocus.com/bid/33809
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0422	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/51977
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33937	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3438
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33759
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33809
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0422	Vendor Advisory

Impacted products

	Vendor	Product	Version
	apple	mac_os_x	10.5.6
	apple	mac_os_x_server	10.5.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en CoreText en Apple Mac OS X versi\u00f3n 10.5.6,permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una cadena Unicode creada."
    }
  ],
  "id": "CVE-2009-0012",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-02-13T00:30:04.843",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/51977"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33937"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3438"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/33759"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/33809"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0422"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/51977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33809"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0422"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-p7wp-mcqw-8cx2

Vulnerability from github

Published

2022-05-02 03:12

Modified

2022-05-02 03:12

Details

Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-0012"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-02-13T00:30:00Z",
    "severity": "HIGH"
  },
  "details": "Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.",
  "id": "GHSA-p7wp-mcqw-8cx2",
  "modified": "2022-05-02T03:12:25Z",
  "published": "2022-05-02T03:12:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0012"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/51977"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33937"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3438"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/33759"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/33809"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0422"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string. The security update addresses new vulnerabilities that affect the AFP server, movie playing, Resource Manager, Certificate Assistant, CoreText, 'dscl', Folder Manager, FSEvents, csregprinter, Remote Apple Event Viewer, Safari, Xterm, and SMB components of Mac OS X. The advisory also contains security updates for 32 previously reported issues. An attacker can exploit this issue to execute arbitrary code in the context of the application using the component. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was previously covered in BID 33759 (Apple Mac OS X 2009-001 Multiple Security Vulnerabilities), but has been assigned its own record to better document it. Apple Mac OS X 10.5.6 and OS X Server 10.5.6 are vulnerable. There is a heap overflow in the handling of Unicode strings in CoreText.

1) A race condition error in the AFP Server can be exploited to trigger the execution of an infinite loop by sending a specially crafted file enumeration request.

2) An error in the handling of movie files using the Pixlet codec can be exploited to trigger a memory corruption.

3) An error in the Resource Manager related to CarbonCore can be exploited to trigger a memory corruption via a file containing a specially crafted resource fork.

Successful exploitation of vulnerabilities #2 and #3 may allow execution of arbitrary code.

4) Certificate Assistant handles temporary files in an insecure manner. This can be exploited to overwrite arbitrary files with the privileges of the user running the application. a specially crafted web page.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

7) The dscl program accepts passwords passed via command line arguments. This can be exploited by local users to obtain the received passwords via the process list.

8) Multiple errors in fetchmail can be exploited by malicious people to cause a crash via overly large e-mail headers.

For more information: SA30742

9) Folder Manager creates the "Downloads" folder with global read permissions after a user deletes it. This can be exploited by unprivileged local users to gain access to the "Downloads" folder.

10) An error in the fseventsd program can be exploited to disclose normally restricted filesystem activity via the FSEvents framework.

11) An error in perl when processing Unicode characters can be exploited to trigger a memory corruption and potentially execute arbitrary code.

This is related to: SA27546

12) An error handling problem in csregprinter can be exploited to cause a heap-based buffer overflow and potentially gain system privileges.

13) Multiple errors in python have an unknown impact or can be exploited to cause a crash or potentially compromise a vulnerable system.

For more information: SA26837 SA31305

14) An uninitialized memory access error in the Remote Apple events server can be exploited to disclose potentially sensitive memory contents via specially crafted Remote Apple events.

15) An error in Server Manager while validating authentication credentials can be exploited to alter the system configuration.

16) An integer overflow in the SMB implementation can be exploited to cause a heap-based buffer overflow by tricking a user into connecting to a malicious SMB server.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

17) An error in the SMB implementation can be exploited to exhaust available memory resources and cause a system shutdown by tricking a user into connecting to a malicious SMB server.

18) An error in SquirrelMail can be exploited to inject and execute arbitrary HTML and script code via a specially crafted email.

For more information: SA32143

19) Multiple errors in the X11 server can be exploited by malicious, local users to cause a DoS, disclose potentially sensitive information, or gain escalated privileges.

For more information: SA30627

20) Multiple errors in FreeType can be exploited to cause a DoS or compromise an application using the library.

For more information: SA20100 SA24768 SA30600

21) Multiple errors in LibX11 can be exploited by malicious, local users to disclose sensitive information, cause a DoS, and gain escalated privileges.

For more information: SA24741

22) Xterm creates TTY devices accessible to all users, when used with "luit". This can be exploited to e.g. write data to another user's Xterm.

SOLUTION: Apply Apple Security Update 2009-001. http://www.apple.com/support/downloads/

PROVIDED AND/OR DISCOVERED BY: The vendor credits: 6) Rosyna of Unsanity 9) Graham Perrin of CENTRIM, University of Brighton 10) Mark Dalrymple 12) Lars Haulin

ORIGINAL ADVISORY: http://support.apple.com/kb/HT3438

OTHER REFERENCES: SA20100: http://secunia.com/advisories/20100/

SA24741: http://secunia.com/advisories/24741/

SA24768: http://secunia.com/advisories/24768/

SA26837: http://secunia.com/advisories/26837/

SA27546: http://secunia.com/advisories/27546/

SA30600: http://secunia.com/advisories/30600/

SA30627: http://secunia.com/advisories/30627/

SA30742: http://secunia.com/advisories/30742/

SA31305: http://secunia.com/advisories/31305/

SA32143: http://secunia.com/advisories/32143/

SA32663: http://secunia.com/advisories/32663/

SA32926: http://secunia.com/advisories/32926/

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200902-0460",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.5.6"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.5.6"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.6"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.9"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.9"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.10"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.10"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.7"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.7"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.3"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.6"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.11"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.8"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.11"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "33759"
      },
      {
        "db": "BID",
        "id": "33809"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0012"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Graham PerrinClint RuohoBilly Rios",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-306"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2009-0012",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2009-0012",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-37458",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2009-0012",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2009-0012",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200902-306",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-37458",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37458"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0012"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string. \nThe security update addresses new vulnerabilities that affect the AFP server, movie playing, Resource Manager, Certificate Assistant, CoreText, \u0027dscl\u0027, Folder Manager, FSEvents, csregprinter, Remote Apple Event Viewer, Safari, Xterm, and SMB components of Mac OS X. The advisory also contains security updates for 32 previously reported issues. \nAn attacker can exploit this issue to execute arbitrary code in the context of the application using the component. Failed exploit attempts will result in a denial-of-service condition. \nNOTE: This issue was previously covered in BID 33759 (Apple Mac OS X 2009-001 Multiple Security Vulnerabilities), but has been assigned its own record to better document it. \nApple Mac OS X 10.5.6 and OS X Server 10.5.6 are vulnerable. There is a heap overflow in the handling of Unicode strings in CoreText. \n\n1) A race condition error in the AFP Server can be exploited to\ntrigger the execution of an infinite loop by sending a specially\ncrafted file enumeration request. \n\n2) An error in the handling of movie files using the Pixlet codec can\nbe exploited to trigger a memory corruption. \n\n3) An error in the Resource Manager related to CarbonCore can be\nexploited to trigger a memory corruption via a file containing a\nspecially crafted resource fork.  \n\nSuccessful exploitation of vulnerabilities #2 and #3 may allow\nexecution of arbitrary code. \n\n4) Certificate Assistant handles temporary files in an insecure\nmanner. This can be exploited to overwrite arbitrary files with the\nprivileges of the user running the application. a specially crafted web page. \n\nSuccessful exploitation of this vulnerability may allow execution of\narbitrary code. \n\n7) The dscl program accepts passwords passed via command line\narguments. This can be exploited by local users to obtain the\nreceived passwords via the process list. \n  \n8) Multiple errors in fetchmail can be exploited by malicious people\nto cause a crash via overly large e-mail headers. \n\nFor more information:\nSA30742\n\n9) Folder Manager creates the \"Downloads\" folder with global read\npermissions after a user deletes it. This can be exploited by\nunprivileged local users to gain access to the \"Downloads\" folder. \n\n10) An error in the fseventsd program can be exploited to disclose\nnormally restricted filesystem activity via the FSEvents framework. \n\n\n11) An error in perl when processing Unicode characters can be\nexploited to trigger a memory corruption and potentially execute\narbitrary code. \n\nThis is related to:\nSA27546\n\n12) An error handling problem in csregprinter can be exploited to\ncause a heap-based buffer overflow and potentially gain system\nprivileges. \n\n13) Multiple errors in python have an unknown impact or can be\nexploited to cause a crash or potentially compromise a vulnerable\nsystem. \n\nFor more information:\nSA26837\nSA31305\n\n14) An uninitialized memory access error in the Remote Apple events\nserver can be exploited to disclose potentially sensitive memory\ncontents via specially crafted Remote Apple events. \n\n15) An error in Server Manager while validating authentication\ncredentials can be exploited to alter the system configuration. \n\n16) An integer overflow in the SMB implementation can be exploited to\ncause a heap-based buffer overflow by tricking a user into connecting\nto a malicious SMB server. \n\nSuccessful exploitation of this vulnerability may allow execution of\narbitrary code. \n\n17) An error in the SMB implementation can be exploited to exhaust\navailable memory resources and cause a system shutdown by tricking a\nuser into connecting to a malicious SMB server. \n\n18) An error in SquirrelMail can be exploited to inject and execute\narbitrary HTML and script code via a specially crafted email. \n\nFor more information:\nSA32143\n\n19) Multiple errors in the X11 server can be exploited by malicious,\nlocal users to cause a DoS, disclose potentially sensitive\ninformation, or gain escalated privileges. \n\nFor more information:\nSA30627\n\n20) Multiple errors in FreeType can be exploited to cause a DoS or\ncompromise an application using the library. \n\nFor more information:\nSA20100\nSA24768\nSA30600\n\n21) Multiple errors in LibX11 can be exploited by malicious, local\nusers to disclose sensitive information, cause a DoS, and gain\nescalated privileges. \n\nFor more information:\nSA24741\n\n22) Xterm creates TTY devices accessible to all users, when used with\n\"luit\". This can be exploited to e.g. write data to another user\u0027s\nXterm. \n\nSOLUTION:\nApply Apple Security Update 2009-001. \nhttp://www.apple.com/support/downloads/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n6) Rosyna of Unsanity\n9) Graham Perrin of CENTRIM, University of Brighton\n10) Mark Dalrymple\n12) Lars Haulin\n\nORIGINAL ADVISORY:\nhttp://support.apple.com/kb/HT3438\n\nOTHER REFERENCES:\nSA20100:\nhttp://secunia.com/advisories/20100/\n\nSA24741:\nhttp://secunia.com/advisories/24741/\n\nSA24768:\nhttp://secunia.com/advisories/24768/\n\nSA26837:\nhttp://secunia.com/advisories/26837/\n\nSA27546:\nhttp://secunia.com/advisories/27546/\n\nSA30600:\nhttp://secunia.com/advisories/30600/\n\nSA30627:\nhttp://secunia.com/advisories/30627/\n\nSA30742:\nhttp://secunia.com/advisories/30742/\n\nSA31305:\nhttp://secunia.com/advisories/31305/\n\nSA32143:\nhttp://secunia.com/advisories/32143/\n\nSA32663:\nhttp://secunia.com/advisories/32663/\n\nSA32926:\nhttp://secunia.com/advisories/32926/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-0012"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      },
      {
        "db": "BID",
        "id": "33759"
      },
      {
        "db": "BID",
        "id": "33809"
      },
      {
        "db": "VULHUB",
        "id": "VHN-37458"
      },
      {
        "db": "PACKETSTORM",
        "id": "74951"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-0012",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "33809",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "33937",
        "trust": 2.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-0422",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "33759",
        "trust": 2.0
      },
      {
        "db": "OSVDB",
        "id": "51977",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001074",
        "trust": 0.8
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2009-02-12",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-306",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-37458",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "74951",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37458"
      },
      {
        "db": "BID",
        "id": "33759"
      },
      {
        "db": "BID",
        "id": "33809"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      },
      {
        "db": "PACKETSTORM",
        "id": "74951"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0012"
      }
    ]
  },
  "id": "VAR-200902-0460",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37458"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T19:37:58.462000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT3438",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3438"
      },
      {
        "title": "HT3438",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3438?viewlocale=ja_JP"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37458"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0012"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/33809"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/33937"
      },
      {
        "trust": 2.4,
        "url": "http://support.apple.com/kb/ht3438"
      },
      {
        "trust": 1.9,
        "url": "http://www.vupen.com/english/advisories/2009/0422"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2009/feb/msg00000.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/33759"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/51977"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0012"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0012"
      },
      {
        "trust": 0.6,
        "url": "http://www.apple.com/macosx/"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2009/0422"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/20100/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/33937/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/30742/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/26837/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/32663/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/support/downloads/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/30627/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/32143/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/27546/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/24768/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/31305/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/96/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/24741/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/30600/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/32926/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37458"
      },
      {
        "db": "BID",
        "id": "33759"
      },
      {
        "db": "BID",
        "id": "33809"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      },
      {
        "db": "PACKETSTORM",
        "id": "74951"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0012"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-37458"
      },
      {
        "db": "BID",
        "id": "33759"
      },
      {
        "db": "BID",
        "id": "33809"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      },
      {
        "db": "PACKETSTORM",
        "id": "74951"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0012"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-02-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-37458"
      },
      {
        "date": "2009-02-12T00:00:00",
        "db": "BID",
        "id": "33759"
      },
      {
        "date": "2009-02-12T00:00:00",
        "db": "BID",
        "id": "33809"
      },
      {
        "date": "2009-03-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      },
      {
        "date": "2009-02-13T16:11:49",
        "db": "PACKETSTORM",
        "id": "74951"
      },
      {
        "date": "2009-02-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200902-306"
      },
      {
        "date": "2009-02-13T00:30:04.843000",
        "db": "NVD",
        "id": "CVE-2009-0012"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-03-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-37458"
      },
      {
        "date": "2009-02-18T16:37:00",
        "db": "BID",
        "id": "33759"
      },
      {
        "date": "2009-02-18T15:47:00",
        "db": "BID",
        "id": "33809"
      },
      {
        "date": "2009-03-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      },
      {
        "date": "2009-03-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200902-306"
      },
      {
        "date": "2024-11-21T00:58:51.840000",
        "db": "NVD",
        "id": "CVE-2009-0012"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "33759"
      },
      {
        "db": "BID",
        "id": "33809"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Mac OS of  CoreText Vulnerable to buffer overflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001074"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-306"
      }
    ],
    "trust": 0.6
  }
}

CERTA-2009-AVI-068

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans le système Mac OS X d'Apple. L'exploitation de ces vulnérabilités permet un grand nombre d'actions, dont l'exécution de code arbitraire à distance.

Description

Apple vient de publier des mises à jour pour son système d'exploitation Mac OS X. Ces correctifs concernent la mise à jour de plusieurs applicatifs :

AFP Server ;
Apple Pixlet Video ;
Carbon Core ;
CFNetwork ;
Certificate Assistant ;
ClamAV ;
CoreText ;
CUPS ;
DS Tools ;
fetchmail ;
Folder Manager ;
FSEvents ;
Network Time ;
perl ;
Printing ;
python ;
Remote Apple Events ;
Safari RSS ;
servermgrd ;
SMB ;
SquirrelMail ;
X11 ;
Xterm.

L'exploitation des différentes vulnérabilités permet d'effectuer un grand nombre d'actions malveillantes, dont l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Mac OS X versions 10.5.6 et antérieures ;
	Apple	N/A	Mac OS X versions 10.4.11 et antérieures.

References

Title

Publication Time

gsd-2009-0012

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.

Aliases

CVE-2009-0012

Aliases

CVE-2009-0012

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-0012",
    "description": "Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.",
    "id": "GSD-2009-0012"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-0012"
      ],
      "details": "Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.",
      "id": "GSD-2009-0012",
      "modified": "2023-12-13T01:19:44.523923Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-0012",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "33937",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/33937"
          },
          {
            "name": "33759",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/33759"
          },
          {
            "name": "http://support.apple.com/kb/HT3438",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT3438"
          },
          {
            "name": "APPLE-SA-2009-02-12",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
          },
          {
            "name": "51977",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/51977"
          },
          {
            "name": "ADV-2009-0422",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/0422"
          },
          {
            "name": "33809",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/33809"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0012"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2009-02-12",
              "refsource": "APPLE",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
            },
            {
              "name": "33937",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/33937"
            },
            {
              "name": "33759",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/33759"
            },
            {
              "name": "33809",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/33809"
            },
            {
              "name": "51977",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/51977"
            },
            {
              "name": "http://support.apple.com/kb/HT3438",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT3438"
            },
            {
              "name": "ADV-2009-0422",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0422"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2011-03-07T05:00Z",
      "publishedDate": "2009-02-13T00:30Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2009-0012 (GCVE-0-2009-0012)

Vulnerability from cvelistv5

fkie_cve-2009-0012

Vulnerability from fkie_nvd

ghsa-p7wp-mcqw-8cx2

Vulnerability from github

var-200902-0460

Vulnerability from variot

CERTA-2009-AVI-068

Vulnerability from certfr_avis

Description

Solution

gsd-2009-0012

Vulnerability from gsd

Tags

Sightings

Nomenclature