cvelistv5 - cve-2011-0204

cve-2011-0204

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

Summary

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.

References

URL	Tags
product-security@apple.com	http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html
product-security@apple.com	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
product-security@apple.com	http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html
product-security@apple.com	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	Patch, Vendor Advisory
product-security@apple.com	http://osvdb.org/73368
product-security@apple.com	http://support.apple.com/kb/HT4723	Patch, Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT4808
product-security@apple.com	http://support.apple.com/kb/HT4981
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/73368
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4723	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4808
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4981

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T21:43:15.426Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT4723",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT4981",
               },
               {
                  name: "20110628 NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html",
               },
               {
                  name: "APPLE-SA-2011-10-11-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html",
               },
               {
                  name: "APPLE-SA-2011-06-23-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT4808",
               },
               {
                  name: "APPLE-SA-2011-07-20-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html",
               },
               {
                  name: "73368",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://osvdb.org/73368",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2011-06-23T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2011-07-23T09:00:00",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT4723",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT4981",
            },
            {
               name: "20110628 NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html",
            },
            {
               name: "APPLE-SA-2011-10-11-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html",
            },
            {
               name: "APPLE-SA-2011-06-23-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT4808",
            },
            {
               name: "APPLE-SA-2011-07-20-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html",
            },
            {
               name: "73368",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://osvdb.org/73368",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "product-security@apple.com",
               ID: "CVE-2011-0204",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://support.apple.com/kb/HT4723",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT4723",
                  },
                  {
                     name: "http://support.apple.com/kb/HT4981",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT4981",
                  },
                  {
                     name: "20110628 NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow",
                     refsource: "BUGTRAQ",
                     url: "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html",
                  },
                  {
                     name: "APPLE-SA-2011-10-11-1",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html",
                  },
                  {
                     name: "APPLE-SA-2011-06-23-1",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html",
                  },
                  {
                     name: "http://support.apple.com/kb/HT4808",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT4808",
                  },
                  {
                     name: "APPLE-SA-2011-07-20-1",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html",
                  },
                  {
                     name: "73368",
                     refsource: "OSVDB",
                     url: "http://osvdb.org/73368",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2011-0204",
      datePublished: "2011-06-24T20:00:00",
      dateReserved: "2010-12-23T00:00:00",
      dateUpdated: "2024-08-06T21:43:15.426Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2011-0204\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2011-06-24T20:55:02.327\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de desbordamiento de búfer de memoria dinámica en ImageIO en Apple Mac OS X antes de v10.6.8 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de una imagen TIFF modificada a mano.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:apple:imageio:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0E7DDD0-15E0-4464-9FA0-154188BC0FA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1335E35A-D381-4056-9E78-37BC6DF8AD98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C69DEE9-3FA5-408E-AD27-F5E7043F852A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D25D1FD3-C291-492C-83A7-0AFAFAADC98D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B565F77-C310-4B83-B098-22F9489C226C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"546EBFC8-79F0-42C2-9B9A-A76CA3F19470\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"119C8089-8C98-472E-9E9C-1741AA21DD35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"831C5105-6409-4743-8FB5-A91D8956202F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B63D169-E2AA-4315-891F-B4AF99F2753C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E715DFC-ADB8-43D0-9941-76BB0BE7BCF5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:imageio:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0E7DDD0-15E0-4464-9FA0-154188BC0FA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82B4CD59-9F37-4EF0-BA43-427CFD6E1329\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26E34E35-CCE9-42BE-9AFF-561D8AA90E25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A04FF6EE-D4DA-4D70-B0CE-154292828531\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9425320F-D119-49EB-9265-3159070DFE93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF0D1051-F850-4A02-ABA0-968E1336A518\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1C9705A-74D4-43BA-A119-C667678F9A15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BBF5FE5-4B25-47BE-8D9D-F228746408EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CE84A25-CEFB-4165-9498-2E4BF60E2C0E\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://osvdb.org/73368\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4723\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4808\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4981\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://osvdb.org/73368\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4723\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4981\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}

fkie_cve-2011-0204

Vulnerability from fkie_nvd

Published

2011-06-24 20:55

Modified

2025-04-11 00:51

Severity ?

Summary

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.

References

URL	Tags
product-security@apple.com	http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html
product-security@apple.com	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
product-security@apple.com	http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html
product-security@apple.com	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	Patch, Vendor Advisory
product-security@apple.com	http://osvdb.org/73368
product-security@apple.com	http://support.apple.com/kb/HT4723	Patch, Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT4808
product-security@apple.com	http://support.apple.com/kb/HT4981
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/73368
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4723	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4808
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4981

Impacted products

Vendor	Product	Version
apple	imageio	*
apple	mac_os_x	10.5.8
apple	mac_os_x	10.6.0
apple	mac_os_x	10.6.1
apple	mac_os_x	10.6.2
apple	mac_os_x	10.6.3
apple	mac_os_x	10.6.4
apple	mac_os_x	10.6.5
apple	mac_os_x	10.6.6
apple	mac_os_x	10.6.7
apple	imageio	*
apple	mac_os_x_server	10.5.8
apple	mac_os_x_server	10.6.0
apple	mac_os_x_server	10.6.1
apple	mac_os_x_server	10.6.2
apple	mac_os_x_server	10.6.3
apple	mac_os_x_server	10.6.4
apple	mac_os_x_server	10.6.5
apple	mac_os_x_server	10.6.6
apple	mac_os_x_server	10.6.7

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apple:imageio:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0E7DDD0-15E0-4464-9FA0-154188BC0FA8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "1335E35A-D381-4056-9E78-37BC6DF8AD98",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C69DEE9-3FA5-408E-AD27-F5E7043F852A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D25D1FD3-C291-492C-83A7-0AFAFAADC98D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B565F77-C310-4B83-B098-22F9489C226C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "546EBFC8-79F0-42C2-9B9A-A76CA3F19470",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "119C8089-8C98-472E-9E9C-1741AA21DD35",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "831C5105-6409-4743-8FB5-A91D8956202F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B63D169-E2AA-4315-891F-B4AF99F2753C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E715DFC-ADB8-43D0-9941-76BB0BE7BCF5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apple:imageio:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0E7DDD0-15E0-4464-9FA0-154188BC0FA8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "82B4CD59-9F37-4EF0-BA43-427CFD6E1329",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "26E34E35-CCE9-42BE-9AFF-561D8AA90E25",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "A04FF6EE-D4DA-4D70-B0CE-154292828531",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "9425320F-D119-49EB-9265-3159070DFE93",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF0D1051-F850-4A02-ABA0-968E1336A518",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "A1C9705A-74D4-43BA-A119-C667678F9A15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "4BBF5FE5-4B25-47BE-8D9D-F228746408EC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x_server:10.6.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE84A25-CEFB-4165-9498-2E4BF60E2C0E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de desbordamiento de búfer de memoria dinámica en ImageIO en Apple Mac OS X antes de v10.6.8 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de una imagen TIFF modificada a mano.",
      },
   ],
   id: "CVE-2011-0204",
   lastModified: "2025-04-11T00:51:21.963",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
   },
   published: "2011-06-24T20:55:02.327",
   references: [
      {
         source: "product-security@apple.com",
         url: "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html",
      },
      {
         source: "product-security@apple.com",
         url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html",
      },
      {
         source: "product-security@apple.com",
         url: "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html",
      },
      {
         source: "product-security@apple.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html",
      },
      {
         source: "product-security@apple.com",
         url: "http://osvdb.org/73368",
      },
      {
         source: "product-security@apple.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://support.apple.com/kb/HT4723",
      },
      {
         source: "product-security@apple.com",
         url: "http://support.apple.com/kb/HT4808",
      },
      {
         source: "product-security@apple.com",
         url: "http://support.apple.com/kb/HT4981",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://osvdb.org/73368",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://support.apple.com/kb/HT4723",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://support.apple.com/kb/HT4808",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://support.apple.com/kb/HT4981",
      },
   ],
   sourceIdentifier: "product-security@apple.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

ghsa-h77j-6rq9-4jc3

Vulnerability from github

Published

2022-05-17 05:36

Modified

2022-05-17 05:36

Details

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2011-0204",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-119",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2011-06-24T20:55:00Z",
      severity: "MODERATE",
   },
   details: "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.",
   id: "GHSA-h77j-6rq9-4jc3",
   modified: "2022-05-17T05:36:46Z",
   published: "2022-05-17T05:36:46Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2011-0204",
      },
      {
         type: "WEB",
         url: "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html",
      },
      {
         type: "WEB",
         url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html",
      },
      {
         type: "WEB",
         url: "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html",
      },
      {
         type: "WEB",
         url: "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html",
      },
      {
         type: "WEB",
         url: "http://osvdb.org/73368",
      },
      {
         type: "WEB",
         url: "http://support.apple.com/kb/HT4723",
      },
      {
         type: "WEB",
         url: "http://support.apple.com/kb/HT4808",
      },
      {
         type: "WEB",
         url: "http://support.apple.com/kb/HT4981",
      },
   ],
   schema_version: "1.4.0",
   severity: [],
}

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image. Apple Mac OS X is prone to a heap buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was previously discussed in BID 48412 (Apple Mac OS X Prior to 10.6.8 Multiple Security Vulnerabilities) but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6

Safari 5.1 and Safari 5.0.6 are now available and address the following:

CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: In certain situations, Safari may treat a file as HTML, even if it is served with the 'text/plain' content type. This may lead to a cross-site scripting attack on sites that allow untrusted users to post text files. This issue is addressed through improved handling of 'text/plain' content. CVE-ID CVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability Research (MSVR), Neal Poole of Matasano Security

CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Authenticating to a maliciously crafted website may lead to arbitrary code execution Description: The NTLM authentication protocol is susceptible to a replay attack referred to as credential reflection. Authenticating to a maliciously crafted website may lead to arbitrary code execution. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems. CVE-ID CVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research

CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: A root certificate that is disabled may still be trusted Description: CFNetwork did not properly validate that a certificate was trusted for use by a SSL server. As a result, if the user had marked a system root certificate as not trusted, Safari would still accept certificates signed by that root. This issue is addressed through improved certificate validation. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0214 : An anonymous reporter

ColorSync Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative

CoreFoundation Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution Description: An off-by-one buffer overflow issue existed in the handling of CFStrings. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0201 : Harry Sintonen

CoreGraphics Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert of the Google Security Team

International Components for Unicode Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in ICU's handling of uppercase strings. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure

ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies

ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A reentrancy issue existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP

ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure

libxslt Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap Description: libxslt's implementation of the generate-id() XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0195 : Chris Evans of the Google Chrome Security Team

libxml Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. CVE-ID CVE-2011-0216 : Billy Rios of the Google Security Team

Safari Available for: Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: If the "AutoFill web forms" feature is enabled, visiting a maliciously crafted website and typing may lead to the disclosure of information from the user's Address Book Description: Safari's "AutoFill web forms" feature filled in non- visible form fields, and the information was accessible by scripts on the site before the user submitted the form. This issue is addressed by displaying all fields that will be filled, and requiring the user's consent before AutoFill information is available to the form. CVE-ID CVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah Grossman]

Safari Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: With a certain Java configuration, visiting a malicious website may lead to unexpected text being displayed on other sites Description: A cross origin issue existed in the handling of Java Applets. This applies when Java is enabled in Safari, and Java is configured to run within the browser process. Fonts loaded by a Java applet could affect the display of text content from other sites. This issue is addressed by running Java applets in a separate process. CVE-ID CVE-2011-0219 : Joshua Smith of Kaon Interactive

WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability Research (MSVR), wushi of team509, and Yong Li of Research In Motion Ltd CVE-2011-0164 : Apple CVE-2011-0218 : SkyLined of Google Chrome Security Team CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative, wushi of team509 working with iDefense VCP CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0237 : wushi of team509 working with iDefense VCP CVE-2011-0238 : Adam Barth of Google Chrome Security Team CVE-2011-0240 : wushi of team509 working with iDefense VCP CVE-2011-0253 : Richard Keen CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0255 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc CVE-2011-0983 : Martin Barbella CVE-2011-1109 : Sergey Glazunov CVE-2011-1114 : Martin Barbella CVE-2011-1115 : Martin Barbella CVE-2011-1117 : wushi of team509 CVE-2011-1121 : miaubiz CVE-2011-1188 : Martin Barbella CVE-2011-1203 : Sergey Glazunov CVE-2011-1204 : Sergey Glazunov CVE-2011-1288 : Andreas Kling of Nokia CVE-2011-1293 : Sergey Glazunov CVE-2011-1296 : Sergey Glazunov CVE-2011-1449 : Marek Majkowski, wushi of team 509 working with iDefense VCP CVE-2011-1451 : Sergey Glazunov CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-1457 : John Knottenbelt of Google CVE-2011-1462 : wushi of team509 CVE-2011-1797 : wushi of team509

WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings. CVE-ID CVE-2011-1774 : Nicolas Gregoire of Agarri

WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: A cross-origin issue existed in the handling of Web Workers. Visiting a maliciously crafted website may lead to an information disclosure. CVE-ID CVE-2011-1190 : Daniel Divricean of divricean.ro

WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of URLs with an embedded username. Visiting a maliciously crafted website may lead to a cross-site scripting attack. This issue is addressed through improved handling of URLs with an embedded username. CVE-ID CVE-2011-0242 : Jobert Abma of Online24

WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of DOM nodes. Visiting a maliciously crafted website may lead to a cross- site scripting attack. CVE-ID CVE-2011-1295 : Sergey Glazunov

WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar Description: A URL spoofing issue existed in the handling of the DOM history object. A maliciously crafted website may have been able to cause a different URL to be shown in the address bar. CVE-ID CVE-2011-1107 : Jordi Chancel

WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to an information disclosure Description: A canonicalization issue existed in the handling of URLs. Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to arbitrary files being sent from the user's system to a remote server. This update addresses the issue through improved handling of URLs. CVE-ID CVE-2011-0244 : Jason Hullinger

WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Applications that use WebKit, such as mail clients, may connect to an arbitrary DNS server upon processing HTML content Description: DNS prefetching was enabled by default in WebKit. Applications that use WebKit, such a s mail clients, may connect to an arbitrary DNS server upon processing HTML content. This update addresses the issue by requiring applications to opt in to DNS prefetching. CVE-ID CVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd.

Note: Safari 5.1 is included with OS X Lion.

Safari 5.1 and Safari 5.0.6 address the same set of security issues. Safari 5.1 is provided for Mac OS X v10.6, and Windows systems. Safari 5.0.6 is provided for Mac OS X v10.5 systems.

Safari 5.1 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/

Safari 5.0.6 is available via the Apple Software Update application, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/

Safari for Mac OS X v10.6.8 and later The download file is named: Safari5.1SnowLeopard.dmg Its SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24

Safari for Mac OS X v10.5.8 The download file is named: Safari5.0.6Leopard.dmg Its SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f

Safari for Windows 7, Vista or XP The download file is named: SafariSetup.exe Its SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36

Safari for Windows 7, Vista or XP from the Microsoft Choice Screen The download file is named: Safari_Setup.exe Its SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b

Safari+QuickTime for Windows 7, Vista or XP The file is named: SafariQuickTimeSetup.exe Its SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin)

iQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw up9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD MeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY nKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb vesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/ KD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ= =fOfF -----END PGP SIGNATURE----- . The announcement of the patch can be found here:

http://support.apple.com/kb/HT4723

NGS Secure is going to withhold details of this flaw for three months. This three month window will allow users the time needed to apply the patch before the details are released to the general public. This reflects the NGS Secure approach to responsible disclosure.

NGS Secure Research http://www.ngssecure.com

. Description: Multiple memory corruption issues existed in WebKit. ----------------------------------------------------------------------

Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/

TITLE: Apple Mac OS X Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA45054

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45054/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45054

RELEASE DATE: 2011-06-25

DISCUSS ADVISORY: http://secunia.com/advisories/45054/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/45054/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=45054

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.

1) An error within AirPort when handling Wi-Fi frames can be exploited to trigger an out-of-bounds memory access and cause a system reset.

2) An error within App Store may lead to a user's AppleID password being logged to a local file.

3) An unspecified error in the handling of embedded TrueType fonts in Apple Type Services (ATS) can be exploited to cause a heap-based buffer overflow when a specially crafted document is viewed or downloaded.

4) An error within Certificate Trust Policy when handling an Extended Validation (EV) certificate with no OCSP URL can be exploited to disclose certain sensitive information via Man-in-the-Middle (MitM) attacks.

7) An integer overflow error in CoreGraphics when handling PDF files containing Type 1 fonts can be exploited to cause a buffer overflow via a specially crafted PDF file.

8) A path validation error within xftpd can be exploited to perform a recursive directory listing and disclose the list of otherwise restricted files.

9) An error in ImageIO within the handling of TIFF files can be exploited to cause a heap-based buffer overflow.

10) An error in ImageIO within the handling of JPEG2000 files can be exploited to cause a heap-based buffer overflow.

11) An error within ICU (International Components for Unicode) when handling certain uppercase strings can be exploited to cause a buffer overflow.

12) A NULL pointer dereference error within the kernel when handling IPV6 socket options can be exploited to cause a system reset.

13) An error within Libsystem when using the glob(3) API can be exploited to cause a high CPU consumption.

14) An error within libxslt can be exploited to disclose certain addresses from the heap.

For more information see vulnerability #2 in: SA43832

15) An error exists within MobileMe when determining a user's email aliases. This can be exploited to disclose a user's MobileMe email aliases via Man-in-the-Middle (MitM) attacks.

16) Some vulnerabilities are caused due to a vulnerable bundled version of MySQL.

For more information: SA41048 SA41716

17) Some vulnerabilities are caused due to a vulnerable bundled version of OpenSSL.

For more information: SA37291 SA38807 SA42243 SA42473 SA43227

18) A vulnerability is caused due to a vulnerable bundled version of GNU patch.

For more information: SA43677

19) An unspecified error in QuickLook within the processing of Microsoft Office files can be exploited to corrupt memory, which may allow execution of arbitrary code.

20) An integer overflow error in QuickTime when handling RIFF WAV files can be exploited to execute arbitrary code.

21) An error within QuickTime when processing sample tables in QuickTime movie files can be exploited to corrupt memory, which may allow execution of arbitrary code.

22) An integer overflow error in QuickTime when handling certain movie files can be exploited to execute arbitrary code.

25) Some vulnerabilities are caused due to a vulnerable bundled version of Samba.

For more information: SA41354 SA43512

26) An error in servermgrd when handling XML-RPC requests can be exploited to disclose arbitrary files from the local resources.

27) A vulnerability is caused due to a vulnerable bundled version of subversion.

For more information: SA43603

SOLUTION: Update to version 10.6.8 or apply Security Update 2011-004.

Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Paul Nelson 3) Marc Schoenefeld, Red Hat Security Response Team and Harry Sintonen 4) Chris Hawk and Wan-Teh Chang, Google 5) binaryproof via ZDI 6) Harry Sintonen 7) Cristian Draghici, Modulo Consulting and Felix Grobert, Google Security Team 8) team karlkani 9) Dominic Chell, NGS Secure 10) Harry Sintonen 11) David Bienvenu, Mozilla 12) Thomas Clement, Intego 13) Maksymilian Arciemowicz 14) Chris Evans, Google Chrome Security Team 15) Aaron Sigel, vtty.com 19)Tobias Klein via iDefense 20, 22) Luigi Auriemma via ZDI 21) Honggang Ren, Fortinet's FortiGuard Labs 23) Subreption LLC via ZDI 24) Luigi Auriemma via iDefense

1, 26) Reported by the vendor

ORIGINAL ADVISORY: Apple Security Update 2011-004: http://support.apple.com/kb/HT4723

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-201106-0155",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "mac os x server",
            scope: "eq",
            trust: 1.6,
            vendor: "apple",
            version: "10.6.7",
         },
         {
            model: "mac os x server",
            scope: "eq",
            trust: 1.6,
            vendor: "apple",
            version: "10.6.2",
         },
         {
            model: "mac os x server",
            scope: "eq",
            trust: 1.6,
            vendor: "apple",
            version: "10.6.3",
         },
         {
            model: "mac os x server",
            scope: "eq",
            trust: 1.6,
            vendor: "apple",
            version: "10.6.5",
         },
         {
            model: "mac os x server",
            scope: "eq",
            trust: 1.6,
            vendor: "apple",
            version: "10.6.4",
         },
         {
            model: "mac os x server",
            scope: "eq",
            trust: 1.6,
            vendor: "apple",
            version: "10.6.1",
         },
         {
            model: "mac os x server",
            scope: "eq",
            trust: 1.6,
            vendor: "apple",
            version: "10.5.8",
         },
         {
            model: "mac os x server",
            scope: "eq",
            trust: 1.6,
            vendor: "apple",
            version: "10.6.6",
         },
         {
            model: "mac os x server",
            scope: "eq",
            trust: 1.6,
            vendor: "apple",
            version: "10.6.0",
         },
         {
            model: "mac os x",
            scope: "eq",
            trust: 1,
            vendor: "apple",
            version: "10.6.1",
         },
         {
            model: "mac os x",
            scope: "eq",
            trust: 1,
            vendor: "apple",
            version: "10.6.5",
         },
         {
            model: "mac os x",
            scope: "eq",
            trust: 1,
            vendor: "apple",
            version: "10.6.7",
         },
         {
            model: "mac os x",
            scope: "eq",
            trust: 1,
            vendor: "apple",
            version: "10.6.0",
         },
         {
            model: "mac os x",
            scope: "eq",
            trust: 1,
            vendor: "apple",
            version: "10.5.8",
         },
         {
            model: "mac os x",
            scope: "eq",
            trust: 1,
            vendor: "apple",
            version: "10.6.3",
         },
         {
            model: "mac os x",
            scope: "eq",
            trust: 1,
            vendor: "apple",
            version: "10.6.4",
         },
         {
            model: "mac os x",
            scope: "eq",
            trust: 1,
            vendor: "apple",
            version: "10.6.2",
         },
         {
            model: "mac os x",
            scope: "eq",
            trust: 1,
            vendor: "apple",
            version: "10.6.6",
         },
         {
            model: "imageio",
            scope: "eq",
            trust: 1,
            vendor: "apple",
            version: "*",
         },
         {
            model: "mac os x",
            scope: "eq",
            trust: 0.8,
            vendor: "apple",
            version: "v10.5.8",
         },
         {
            model: "mac os x",
            scope: "eq",
            trust: 0.8,
            vendor: "apple",
            version: "v10.6 to  v10.6.7",
         },
         {
            model: "mac os x server",
            scope: "eq",
            trust: 0.8,
            vendor: "apple",
            version: "v10.5.8",
         },
         {
            model: "mac os x server",
            scope: "eq",
            trust: 0.8,
            vendor: "apple",
            version: "v10.6 to  v10.6.7",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.8,
            vendor: "apple",
            version: "5",
         },
         {
            model: "imageio",
            scope: null,
            trust: 0.6,
            vendor: "apple",
            version: null,
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "8.0.2.20",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.1",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.1",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.6",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "9.0.1.8",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "8.0",
         },
         {
            model: "safari",
            scope: "ne",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.6",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.6",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.5",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.0.1",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.3",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.1.1",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.5",
         },
         {
            model: "safari for windows",
            scope: "ne",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.6",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "9.0.1",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.1",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5",
         },
         {
            model: "mac os server",
            scope: "ne",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.8",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.7",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.4",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.2",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.7",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.5",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.1",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.4",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "10.2.2",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.1.2",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "8.2",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.1.2",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.4",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.0.2",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.0.4",
         },
         {
            model: "safari",
            scope: "ne",
            trust: 0.3,
            vendor: "apple",
            version: "5.1",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.1",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.8",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.5",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.2",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.2",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.2",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.0.5",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.3",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "8.1",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "9.0.2",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.6",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.3",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "9.1",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.0.4",
         },
         {
            model: "safari for windows",
            scope: "ne",
            trust: 0.3,
            vendor: "apple",
            version: "5.1",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "10.1",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "10.2",
         },
         {
            model: "itunes",
            scope: "ne",
            trust: 0.3,
            vendor: "apple",
            version: "10.5",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.4",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "9.2.1",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "10",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.2",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.1",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.7",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.1.3",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.5",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.4",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.1.3",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.0.5",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.1",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.3",
         },
         {
            model: "safari beta",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.0",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.0",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.3",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.5",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.0.3",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.8",
         },
         {
            model: "safari for windows",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.0.3",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "9.2",
         },
         {
            model: "mac os",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.5.2",
         },
         {
            model: "itunes",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "9.0",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "5.0.4",
         },
         {
            model: "safari",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "4.0.2",
         },
         {
            model: "mac os server",
            scope: "eq",
            trust: 0.3,
            vendor: "apple",
            version: "x10.6.3",
         },
      ],
      sources: [
         {
            db: "BID",
            id: "48437",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201106-309",
         },
         {
            db: "NVD",
            id: "CVE-2011-0204",
         },
      ],
   },
   configurations: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/configurations#",
         children: {
            "@container": "@list",
         },
         cpe_match: {
            "@container": "@list",
         },
         data: {
            "@container": "@list",
         },
         nodes: {
            "@container": "@list",
         },
      },
      data: [
         {
            CVE_data_version: "4.0",
            nodes: [
               {
                  cpe_match: [
                     {
                        cpe22Uri: "cpe:/o:apple:mac_os_x",
                        vulnerable: true,
                     },
                     {
                        cpe22Uri: "cpe:/o:apple:mac_os_x_server",
                        vulnerable: true,
                     },
                     {
                        cpe22Uri: "cpe:/a:apple:safari",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
            ],
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
      ],
   },
   credits: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/credits#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Dominic Chell of NGS Secure\n<br>",
      sources: [
         {
            db: "BID",
            id: "48437",
         },
      ],
      trust: 0.3,
   },
   cve: "CVE-2011-0204",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [
               {
                  accessComplexity: "MEDIUM",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  author: "nvd@nist.gov",
                  availabilityImpact: "PARTIAL",
                  baseScore: 6.8,
                  confidentialityImpact: "PARTIAL",
                  exploitabilityScore: 8.6,
                  id: "CVE-2011-0204",
                  impactScore: 6.4,
                  integrityImpact: "PARTIAL",
                  severity: "MEDIUM",
                  trust: 1.8,
                  vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                  version: "2.0",
               },
               {
                  accessComplexity: "MEDIUM",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  author: "VULHUB",
                  availabilityImpact: "PARTIAL",
                  baseScore: 6.8,
                  confidentialityImpact: "PARTIAL",
                  exploitabilityScore: 8.6,
                  id: "VHN-48149",
                  impactScore: 6.4,
                  integrityImpact: "PARTIAL",
                  severity: "MEDIUM",
                  trust: 0.1,
                  vectorString: "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                  version: "2.0",
               },
            ],
            cvssV3: [],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2011-0204",
                  trust: 1,
                  value: "MEDIUM",
               },
               {
                  author: "NVD",
                  id: "CVE-2011-0204",
                  trust: 0.8,
                  value: "Medium",
               },
               {
                  author: "CNNVD",
                  id: "CNNVD-201106-309",
                  trust: 0.6,
                  value: "MEDIUM",
               },
               {
                  author: "VULHUB",
                  id: "VHN-48149",
                  trust: 0.1,
                  value: "MEDIUM",
               },
            ],
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-48149",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201106-309",
         },
         {
            db: "NVD",
            id: "CVE-2011-0204",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image. Apple Mac OS X is prone to a heap buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. \nAn attacker can exploit this issue to execute arbitrary code within the  context of the affected application. Failed exploit attempts will result  in a denial-of-service condition. \nNOTE: This issue was previously discussed in BID 48412 (Apple Mac OS X Prior to 10.6.8 Multiple Security Vulnerabilities) but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6\n\nSafari 5.1 and Safari 5.0.6 are now available and address the\nfollowing:\n\nCFNetwork\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  In certain situations, Safari may treat a file as HTML,\neven if it is served with the 'text/plain' content type. This may\nlead to a cross-site scripting attack on sites that allow untrusted\nusers to post text files. This issue is addressed through improved\nhandling of 'text/plain' content. \nCVE-ID\nCVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability\nResearch (MSVR), Neal Poole of Matasano Security\n\nCFNetwork\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Authenticating to a maliciously crafted website may lead to\narbitrary code execution\nDescription:  The NTLM authentication protocol is susceptible to a\nreplay attack referred to as credential reflection. Authenticating to\na maliciously crafted website may lead to arbitrary code execution. \nTo mitigate this issue, Safari has been updated to utilize protection\nmechanisms recently added to Windows. This issue does not affect Mac\nOS X systems. \nCVE-ID\nCVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research\n\nCFNetwork\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  A root certificate that is disabled may still be trusted\nDescription:  CFNetwork did not properly validate that a certificate\nwas trusted for use by a SSL server. As a result, if the user had\nmarked a system root certificate as not trusted, Safari would still\naccept certificates signed by that root. This issue is addressed\nthrough improved certificate validation. This issue does not affect\nMac OS X systems. \nCVE-ID\nCVE-2011-0214 : An anonymous reporter\n\nColorSync\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Viewing a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution\nDescription:  An integer overflow existed in the handling of images\nwith an embedded ColorSync profile, which may lead to a heap buffer\noverflow. Opening a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution. For Mac OS X v10.5 systems, this issue\nis addressed in Security Update 2011-004. \nCVE-ID\nCVE-2011-0200 : binaryproof working with TippingPoint's Zero Day\nInitiative\n\nCoreFoundation\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Applications that use the CoreFoundation framework may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription:  An off-by-one buffer overflow issue existed in the\nhandling of CFStrings. For Mac OS X v10.6 systems, this issue\nis addressed in Mac OS X v10.6.8. \nCVE-ID\nCVE-2011-0201 : Harry Sintonen\n\nCoreGraphics\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  An integer overflow issue existed in the handling of\nType 1 fonts. Viewing or downloading a document containing a\nmaliciously crafted embedded font may lead to arbitrary code\nexecution. For Mac OS X v10.6 systems, this issue is addressed in Mac\nOS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in\nSecurity Update 2011-004. \nCVE-ID\nCVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert\nof the Google Security Team\n\nInternational Components for Unicode\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Applications that use ICU may be vulnerable to an unexpected\napplication termination or arbitrary code execution\nDescription:  A buffer overflow issue existed in ICU's handling of\nuppercase strings. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nImageIO\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A heap buffer overflow existed in ImageIO's handling of\nCCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF\nimage may lead to an unexpected application termination or arbitrary\ncode execution. \nCVE-ID\nCVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies\n\nImageIO\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A reentrancy issue existed in ImageIO's handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. This\nissue does not affect Mac OS X systems. \nCVE-ID\nCVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP\n\nImageIO\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A heap buffer overflow existed in ImageIO's handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nlibxslt\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Visiting a maliciously crafted website may lead to the\ndisclosure of addresses on the heap\nDescription:  libxslt's implementation of the generate-id() XPath\nfunction disclosed the address of a heap buffer. Visiting a\nmaliciously crafted website may lead to the disclosure of addresses\non the heap. This issue is addressed by generating an ID based on the\ndifference between the addresses of two heap buffers. For Mac OS X\nv10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac\nOS X v10.5 systems, this issue is addressed in Security Update\n2011-004. \nCVE-ID\nCVE-2011-0195 : Chris Evans of the Google Chrome Security Team\n\nlibxml\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A one-byte heap buffer overflow existed in libxml's\nhandling of XML data. \nCVE-ID\nCVE-2011-0216 : Billy Rios of the Google Security Team\n\nSafari\nAvailable for:  Mac OS X v10.6.8 or later,\nMac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later\nImpact:  If the \"AutoFill web forms\" feature is enabled, visiting a\nmaliciously crafted website and typing may lead to the disclosure of\ninformation from the user's Address Book\nDescription:  Safari's \"AutoFill web forms\" feature filled in non-\nvisible form fields, and the information was accessible by scripts on\nthe site before the user submitted the form. This issue is addressed\nby displaying all fields that will be filled, and requiring the\nuser's consent before AutoFill information is available to the form. \nCVE-ID\nCVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah\nGrossman]\n\nSafari\nAvailable for:  Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact:  With a certain Java configuration, visiting a malicious\nwebsite may lead to unexpected text being displayed on other sites\nDescription:  A cross origin issue existed in the handling of Java\nApplets. This applies when Java is enabled in Safari, and Java is\nconfigured to run within the browser process. Fonts loaded by a Java\napplet could affect the display of text content from other sites. \nThis issue is addressed by running Java applets in a separate\nprocess. \nCVE-ID\nCVE-2011-0219 : Joshua Smith of Kaon Interactive\n\nWebKit\nAvailable for:  Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in WebKit. \nCVE-ID\nCVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability\nResearch (MSVR), wushi of team509, and Yong Li of Research In Motion\nLtd\nCVE-2011-0164 : Apple\nCVE-2011-0218 : SkyLined of Google Chrome Security Team\nCVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS\nResearch Team, and Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with\niDefense VCP\nCVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative\nCVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day\nInitiative\nCVE-2011-0234 : Rob King working with TippingPoint's Zero Day\nInitiative, wushi of team509 working with TippingPoint's Zero Day\nInitiative, wushi of team509 working with iDefense VCP\nCVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0237 : wushi of team509 working with iDefense VCP\nCVE-2011-0238 : Adam Barth of Google Chrome Security Team\nCVE-2011-0240 : wushi of team509 working with iDefense VCP\nCVE-2011-0253 : Richard Keen\nCVE-2011-0254 : An anonymous researcher working with TippingPoint's\nZero Day Initiative\nCVE-2011-0255 : An anonymous researcher working with TippingPoint's\nZero Day Initiative\nCVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc\nCVE-2011-0983 : Martin Barbella\nCVE-2011-1109 : Sergey Glazunov\nCVE-2011-1114 : Martin Barbella\nCVE-2011-1115 : Martin Barbella\nCVE-2011-1117 : wushi of team509\nCVE-2011-1121 : miaubiz\nCVE-2011-1188 : Martin Barbella\nCVE-2011-1203 : Sergey Glazunov\nCVE-2011-1204 : Sergey Glazunov\nCVE-2011-1288 : Andreas Kling of Nokia\nCVE-2011-1293 : Sergey Glazunov\nCVE-2011-1296 : Sergey Glazunov\nCVE-2011-1449 : Marek Majkowski, wushi of team 509 working with\niDefense VCP\nCVE-2011-1451 : Sergey Glazunov\nCVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day\nInitiative\nCVE-2011-1457 : John Knottenbelt of Google\nCVE-2011-1462 : wushi of team509\nCVE-2011-1797 : wushi of team509\n\nWebKit\nAvailable for:  Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact:  Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription:  A configuration issue existed in WebKit's use of\nlibxslt. Visiting a maliciously crafted website may lead to arbitrary\nfiles being created with the privileges of the user, which may lead\nto arbitrary code execution. This issue is addressed through improved\nlibxslt security settings. \nCVE-ID\nCVE-2011-1774 : Nicolas Gregoire of Agarri\n\nWebKit\nAvailable for:  Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact:  Visiting a maliciously crafted website may lead to an\ninformation disclosure\nDescription:  A cross-origin issue existed in the handling of Web\nWorkers. Visiting a maliciously crafted website may lead to an\ninformation disclosure. \nCVE-ID\nCVE-2011-1190 : Daniel Divricean of divricean.ro\n\nWebKit\nAvailable for:  Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of URLs\nwith an embedded username. Visiting a maliciously crafted website may\nlead to a cross-site scripting attack. This issue is addressed\nthrough improved handling of URLs with an embedded username. \nCVE-ID\nCVE-2011-0242 : Jobert Abma of Online24\n\nWebKit\nAvailable for:  Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of DOM\nnodes. Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack. \nCVE-ID\nCVE-2011-1295 : Sergey Glazunov\n\nWebKit\nAvailable for:  Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact:  A maliciously crafted website may be able to cause a\ndifferent URL to be shown in the address bar\nDescription:  A URL spoofing issue existed in the handling of the DOM\nhistory object. A maliciously crafted website may have been able to\ncause a different URL to be shown in the address bar. \nCVE-ID\nCVE-2011-1107 : Jordi Chancel\n\nWebKit\nAvailable for:  Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact:  Subscribing to a maliciously crafted RSS feed and clicking\non a link within it may lead to an information disclosure\nDescription:  A canonicalization issue existed in the handling of\nURLs. Subscribing to a maliciously crafted RSS feed and clicking on a\nlink within it may lead to arbitrary files being sent from the user's\nsystem to a remote server. This update addresses the issue through\nimproved handling of URLs. \nCVE-ID\nCVE-2011-0244 : Jason Hullinger\n\nWebKit\nAvailable for:  Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact:  Applications that use WebKit, such as mail clients, may\nconnect to an arbitrary DNS server upon processing HTML content\nDescription:  DNS prefetching was enabled by default in WebKit. \nApplications that use WebKit, such a s mail clients, may connect to\nan arbitrary DNS server upon processing HTML content. This update\naddresses the issue by requiring applications to opt in to DNS\nprefetching. \nCVE-ID\nCVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd. \n\n\nNote: Safari 5.1 is included with OS X Lion. \n\n\nSafari 5.1 and Safari 5.0.6 address the same set of security\nissues. Safari 5.1 is provided for Mac OS X v10.6,\nand Windows systems. Safari 5.0.6 is provided for\nMac OS X v10.5 systems. \n\nSafari 5.1 is available via the Apple Software Update\napplication, or Apple's Safari download site at:\nhttp://www.apple.com/safari/download/\n\nSafari 5.0.6 is available via the Apple Software Update\napplication, or Apple's Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nSafari for Mac OS X v10.6.8 and later\nThe download file is named: Safari5.1SnowLeopard.dmg\nIts SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24\n\nSafari for Mac OS X v10.5.8\nThe download file is named: Safari5.0.6Leopard.dmg\nIts SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f\n\nSafari for Windows 7, Vista or XP\nThe download file is named: SafariSetup.exe\nIts SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36\n\nSafari for Windows 7, Vista or XP from the Microsoft Choice Screen\nThe download file is named: Safari_Setup.exe\nIts SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b\n\nSafari+QuickTime for Windows 7, Vista or XP\nThe file is named: SafariQuickTimeSetup.exe\nIts SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple's Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.9 (Darwin)\n\niQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw\nup9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD\nMeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY\nnKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb\nvesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/\nKD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ=\n=fOfF\n-----END PGP SIGNATURE-----\n. The announcement of the patch can be found here:\n\nhttp://support.apple.com/kb/HT4723\n\nNGS Secure is going to withhold details of this flaw for three months. This three month window will allow users the time needed to apply the patch before the details are released to the general public. This reflects the NGS Secure approach to responsible disclosure. \n\nNGS Secure Research\nhttp://www.ngssecure.com\n\n. \nDescription:  Multiple memory corruption issues existed in WebKit. ----------------------------------------------------------------------\n\n\nFrost & Sullivan 2011 Report: Secunia Vulnerability Research\n\\\"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\\\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. \nRead the report here:\nhttp://secunia.com/products/corporate/vim/fs_request_2011/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Mac OS X Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45054\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45054/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory&vuln_id=45054\n\nRELEASE DATE:\n2011-06-25\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45054/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45054/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory&vuln_id=45054\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nApple has issued a security update for Mac OS X, which fixes multiple\nvulnerabilities. \n\n1) An error within AirPort when handling Wi-Fi frames can be\nexploited to trigger an out-of-bounds memory access and cause a\nsystem reset. \n\n2) An error within App Store may lead to a user's AppleID password\nbeing logged to a local file. \n\n3) An unspecified error in the handling of embedded TrueType fonts in\nApple Type Services (ATS) can be exploited to cause a heap-based\nbuffer overflow when a specially crafted document is viewed or\ndownloaded. \n\n4) An error within Certificate Trust Policy when handling an Extended\nValidation (EV) certificate with no OCSP URL can be exploited to\ndisclose certain sensitive information via Man-in-the-Middle (MitM)\nattacks. \n\n7) An integer overflow error in CoreGraphics when handling PDF files\ncontaining Type 1 fonts can be exploited to cause a buffer overflow\nvia a specially crafted PDF file. \n\n8) A path validation error within xftpd can be exploited to perform a\nrecursive directory listing and disclose the list of otherwise\nrestricted files. \n\n9) An error in ImageIO within the handling of TIFF files can be\nexploited to cause a heap-based buffer overflow. \n\n10) An error in ImageIO within the handling of JPEG2000 files can be\nexploited to cause a heap-based buffer overflow. \n\n11) An error within ICU (International Components for Unicode) when\nhandling certain uppercase strings can be exploited to cause a buffer\noverflow. \n\n12) A NULL pointer dereference error within the kernel when handling\nIPV6 socket options can be exploited to cause a system reset. \n\n13) An error within Libsystem when using the glob(3) API can be\nexploited to cause a high CPU consumption. \n\n14) An error within libxslt can be exploited to disclose certain\naddresses from the heap. \n\nFor more information see vulnerability #2 in:\nSA43832\n\n15) An error exists within MobileMe when determining a user's email\naliases. This can be exploited to disclose a user's MobileMe email\naliases via Man-in-the-Middle (MitM) attacks. \n\n16) Some vulnerabilities are caused due to a vulnerable bundled\nversion of MySQL. \n\nFor more information:\nSA41048\nSA41716\n\n17) Some vulnerabilities are caused due to a vulnerable bundled\nversion of OpenSSL. \n\nFor more information:\nSA37291\nSA38807\nSA42243\nSA42473\nSA43227\n\n18) A vulnerability is caused due to a vulnerable bundled version of\nGNU patch. \n\nFor more information:\nSA43677\n\n19) An unspecified error in QuickLook within the processing of\nMicrosoft Office files can be exploited to corrupt memory, which may\nallow execution of arbitrary code. \n\n20) An integer overflow error in QuickTime when handling RIFF WAV\nfiles can be exploited to execute arbitrary code. \n\n21) An error within QuickTime when processing sample tables in\nQuickTime movie files can be exploited to corrupt memory, which may\nallow execution of arbitrary code. \n\n22) An integer overflow error in QuickTime when handling certain\nmovie files can be exploited to execute arbitrary code. \n\n25) Some vulnerabilities are caused due to a vulnerable bundled\nversion of Samba. \n\nFor more information:\nSA41354\nSA43512\n\n26) An error in servermgrd when handling XML-RPC requests can be\nexploited to disclose arbitrary files from the local resources. \n\n27) A vulnerability is caused due to a vulnerable bundled version of\nsubversion. \n\nFor more information:\nSA43603\n\nSOLUTION:\nUpdate to version 10.6.8 or apply Security Update 2011-004. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n2) Paul Nelson\n3) Marc Schoenefeld, Red Hat Security Response Team and Harry\nSintonen\n4) Chris Hawk and Wan-Teh Chang, Google\n5) binaryproof via ZDI\n6) Harry Sintonen\n7) Cristian Draghici, Modulo Consulting and Felix Grobert, Google\nSecurity Team\n8) team karlkani\n9) Dominic Chell, NGS Secure\n10) Harry Sintonen\n11) David Bienvenu, Mozilla\n12) Thomas Clement, Intego\n13) Maksymilian Arciemowicz\n14) Chris Evans, Google Chrome Security Team\n15) Aaron Sigel, vtty.com\n19)Tobias Klein via iDefense\n20, 22) Luigi Auriemma via ZDI\n21) Honggang Ren, Fortinet's FortiGuard Labs\n23) Subreption LLC via ZDI\n24) Luigi Auriemma via iDefense\n\n1, 26) Reported by the vendor\n\nORIGINAL ADVISORY:\nApple Security Update 2011-004:\nhttp://support.apple.com/kb/HT4723\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
      sources: [
         {
            db: "NVD",
            id: "CVE-2011-0204",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
         {
            db: "BID",
            id: "48437",
         },
         {
            db: "VULHUB",
            id: "VHN-48149",
         },
         {
            db: "PACKETSTORM",
            id: "103216",
         },
         {
            db: "PACKETSTORM",
            id: "102800",
         },
         {
            db: "PACKETSTORM",
            id: "105708",
         },
         {
            db: "PACKETSTORM",
            id: "102569",
         },
      ],
      trust: 2.34,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2011-0204",
            trust: 3.1,
         },
         {
            db: "OSVDB",
            id: "73368",
            trust: 1.1,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2011-001832",
            trust: 0.8,
         },
         {
            db: "CNNVD",
            id: "CNNVD-201106-309",
            trust: 0.7,
         },
         {
            db: "SECUNIA",
            id: "45054",
            trust: 0.7,
         },
         {
            db: "APPLE",
            id: "APPLE-SA-2011-06-23-1",
            trust: 0.6,
         },
         {
            db: "NSFOCUS",
            id: "17108",
            trust: 0.6,
         },
         {
            db: "NSFOCUS",
            id: "17909",
            trust: 0.6,
         },
         {
            db: "NSFOCUS",
            id: "17121",
            trust: 0.6,
         },
         {
            db: "BID",
            id: "48437",
            trust: 0.4,
         },
         {
            db: "PACKETSTORM",
            id: "102800",
            trust: 0.2,
         },
         {
            db: "VULHUB",
            id: "VHN-48149",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "103216",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "105708",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "102569",
            trust: 0.1,
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-48149",
         },
         {
            db: "BID",
            id: "48437",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
         {
            db: "PACKETSTORM",
            id: "103216",
         },
         {
            db: "PACKETSTORM",
            id: "102800",
         },
         {
            db: "PACKETSTORM",
            id: "105708",
         },
         {
            db: "PACKETSTORM",
            id: "102569",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201106-309",
         },
         {
            db: "NVD",
            id: "CVE-2011-0204",
         },
      ],
   },
   id: "VAR-201106-0155",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "VULHUB",
            id: "VHN-48149",
         },
      ],
      trust: 0.01,
   },
   last_update_date: "2024-11-23T20:53:19.840000Z",
   patch: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/patch#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            title: "HT4723",
            trust: 0.8,
            url: "http://support.apple.com/kb/HT4723",
         },
         {
            title: "HT4808",
            trust: 0.8,
            url: "http://support.apple.com/kb/HT4808",
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
      ],
   },
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-119",
            trust: 1.9,
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-48149",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
         {
            db: "NVD",
            id: "CVE-2011-0204",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 1.9,
            url: "http://support.apple.com/kb/ht4723",
         },
         {
            trust: 1.7,
            url: "http://lists.apple.com/archives/security-announce/2011//jun/msg00000.html",
         },
         {
            trust: 1.1,
            url: "http://lists.apple.com/archives/security-announce/2011//jul/msg00002.html",
         },
         {
            trust: 1.1,
            url: "http://lists.apple.com/archives/security-announce/2011//oct/msg00000.html",
         },
         {
            trust: 1.1,
            url: "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html",
         },
         {
            trust: 1.1,
            url: "http://support.apple.com/kb/ht4808",
         },
         {
            trust: 1.1,
            url: "http://support.apple.com/kb/ht4981",
         },
         {
            trust: 1.1,
            url: "http://osvdb.org/73368",
         },
         {
            trust: 0.8,
            url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0204",
         },
         {
            trust: 0.8,
            url: "http://jvn.jp/cert/jvnvu976710",
         },
         {
            trust: 0.8,
            url: "http://jvn.jp/cert/jvnvu781747",
         },
         {
            trust: 0.8,
            url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0204",
         },
         {
            trust: 0.6,
            url: "http://secunia.com/advisories/45054",
         },
         {
            trust: 0.6,
            url: "http://www.nsfocus.net/vulndb/17121",
         },
         {
            trust: 0.6,
            url: "http://www.nsfocus.net/vulndb/17108",
         },
         {
            trust: 0.6,
            url: "http://www.nsfocus.net/vulndb/17909",
         },
         {
            trust: 0.3,
            url: "http://www.apple.com/macosx/",
         },
         {
            trust: 0.3,
            url: "/archive/1/520068",
         },
         {
            trust: 0.3,
            url: "/archive/1/518637",
         },
         {
            trust: 0.3,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0204",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0235",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0240",
         },
         {
            trust: 0.2,
            url: "http://support.apple.com/kb/ht1222",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0237",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0200",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0238",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0233",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0234",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0223",
         },
         {
            trust: 0.2,
            url: "https://www.apple.com/support/security/pgp/",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0215",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0222",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0164",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0221",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0218",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0225",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0232",
         },
         {
            trust: 0.2,
            url: "https://nvd.nist.gov/vuln/detail/cve-2010-1823",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2010-1420",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0206",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0214",
         },
         {
            trust: 0.1,
            url: "http://www.apple.com/support/downloads/",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0201",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0219",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0202",
         },
         {
            trust: 0.1,
            url: "http://www.apple.com/safari/download/",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0217",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0216",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2010-1383",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0195",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2010-3829",
         },
         {
            trust: 0.1,
            url: "http://www.ngssecure.com",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0259",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0253",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0254",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0983",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-1117",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-1109",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-1115",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-1121",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0255",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-0981",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2011-1114",
         },
         {
            trust: 0.1,
            url: "http://www.apple.com/itunes/download/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/products/corporate/vim/fs_request_2011/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/45054/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/vulnerability_intelligence/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/secunia_security_advisories/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/vulnerability_scanning/personal/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org",
         },
         {
            trust: 0.1,
            url: "https://ca.secunia.com/?page=viewadvisory&vuln_id=45054",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/45054/#comments",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/about_secunia_advisories/",
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-48149",
         },
         {
            db: "BID",
            id: "48437",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
         {
            db: "PACKETSTORM",
            id: "103216",
         },
         {
            db: "PACKETSTORM",
            id: "102800",
         },
         {
            db: "PACKETSTORM",
            id: "105708",
         },
         {
            db: "PACKETSTORM",
            id: "102569",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201106-309",
         },
         {
            db: "NVD",
            id: "CVE-2011-0204",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "VULHUB",
            id: "VHN-48149",
         },
         {
            db: "BID",
            id: "48437",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
         {
            db: "PACKETSTORM",
            id: "103216",
         },
         {
            db: "PACKETSTORM",
            id: "102800",
         },
         {
            db: "PACKETSTORM",
            id: "105708",
         },
         {
            db: "PACKETSTORM",
            id: "102569",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201106-309",
         },
         {
            db: "NVD",
            id: "CVE-2011-0204",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2011-06-24T00:00:00",
            db: "VULHUB",
            id: "VHN-48149",
         },
         {
            date: "2011-06-23T00:00:00",
            db: "BID",
            id: "48437",
         },
         {
            date: "2011-07-06T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
         {
            date: "2011-07-21T14:16:35",
            db: "PACKETSTORM",
            id: "103216",
         },
         {
            date: "2011-07-05T14:18:01",
            db: "PACKETSTORM",
            id: "102800",
         },
         {
            date: "2011-10-12T02:01:36",
            db: "PACKETSTORM",
            id: "105708",
         },
         {
            date: "2011-06-24T11:18:16",
            db: "PACKETSTORM",
            id: "102569",
         },
         {
            date: "2011-06-27T00:00:00",
            db: "CNNVD",
            id: "CNNVD-201106-309",
         },
         {
            date: "2011-06-24T20:55:02.327000",
            db: "NVD",
            id: "CVE-2011-0204",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2011-11-24T00:00:00",
            db: "VULHUB",
            id: "VHN-48149",
         },
         {
            date: "2011-10-11T19:00:00",
            db: "BID",
            id: "48437",
         },
         {
            date: "2011-08-01T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
         {
            date: "2011-06-28T00:00:00",
            db: "CNNVD",
            id: "CNNVD-201106-309",
         },
         {
            date: "2024-11-21T01:23:32.340000",
            db: "NVD",
            id: "CVE-2011-0204",
         },
      ],
   },
   threat_type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "remote",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-201106-309",
         },
      ],
      trust: 0.6,
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Apple Mac OS X of  ImageIO Heap-based buffer overflow vulnerability",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2011-001832",
         },
      ],
      trust: 0.8,
   },
   type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "buffer overflow",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-201106-309",
         },
      ],
      trust: 0.6,
   },
}

gsd-2011-0204

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.

Aliases

CVE-2011-0204

Aliases

CVE-2011-0204

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2011-0204",
      description: "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.",
      id: "GSD-2011-0204",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2011-0204",
         ],
         details: "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.",
         id: "GSD-2011-0204",
         modified: "2023-12-13T01:19:04.146997Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "product-security@apple.com",
            ID: "CVE-2011-0204",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "n/a",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "n/a",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "n/a",
                  },
               ],
            },
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.",
               },
            ],
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        lang: "eng",
                        value: "n/a",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "http://support.apple.com/kb/HT4723",
                  refsource: "CONFIRM",
                  url: "http://support.apple.com/kb/HT4723",
               },
               {
                  name: "http://support.apple.com/kb/HT4981",
                  refsource: "CONFIRM",
                  url: "http://support.apple.com/kb/HT4981",
               },
               {
                  name: "20110628 NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow",
                  refsource: "BUGTRAQ",
                  url: "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html",
               },
               {
                  name: "APPLE-SA-2011-10-11-1",
                  refsource: "APPLE",
                  url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html",
               },
               {
                  name: "APPLE-SA-2011-06-23-1",
                  refsource: "APPLE",
                  url: "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html",
               },
               {
                  name: "http://support.apple.com/kb/HT4808",
                  refsource: "CONFIRM",
                  url: "http://support.apple.com/kb/HT4808",
               },
               {
                  name: "APPLE-SA-2011-07-20-1",
                  refsource: "APPLE",
                  url: "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html",
               },
               {
                  name: "73368",
                  refsource: "OSVDB",
                  url: "http://osvdb.org/73368",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         configurations: {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:apple:imageio:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: false,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.6.7:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:apple:imageio:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
            ],
         },
         cve: {
            CVE_data_meta: {
               ASSIGNER: "product-security@apple.com",
               ID: "CVE-2011-0204",
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "en",
                     value: "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "en",
                           value: "CWE-119",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://support.apple.com/kb/HT4723",
                     refsource: "CONFIRM",
                     tags: [
                        "Patch",
                        "Vendor Advisory",
                     ],
                     url: "http://support.apple.com/kb/HT4723",
                  },
                  {
                     name: "APPLE-SA-2011-06-23-1",
                     refsource: "APPLE",
                     tags: [
                        "Patch",
                        "Vendor Advisory",
                     ],
                     url: "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html",
                  },
                  {
                     name: "http://support.apple.com/kb/HT4808",
                     refsource: "CONFIRM",
                     tags: [],
                     url: "http://support.apple.com/kb/HT4808",
                  },
                  {
                     name: "APPLE-SA-2011-07-20-1",
                     refsource: "APPLE",
                     tags: [],
                     url: "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html",
                  },
                  {
                     name: "APPLE-SA-2011-10-11-1",
                     refsource: "APPLE",
                     tags: [],
                     url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html",
                  },
                  {
                     name: "http://support.apple.com/kb/HT4981",
                     refsource: "CONFIRM",
                     tags: [],
                     url: "http://support.apple.com/kb/HT4981",
                  },
                  {
                     name: "20110628 NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow",
                     refsource: "BUGTRAQ",
                     tags: [],
                     url: "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html",
                  },
                  {
                     name: "73368",
                     refsource: "OSVDB",
                     tags: [],
                     url: "http://osvdb.org/73368",
                  },
               ],
            },
         },
         impact: {
            baseMetricV2: {
               cvssV2: {
                  accessComplexity: "MEDIUM",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  availabilityImpact: "PARTIAL",
                  baseScore: 6.8,
                  confidentialityImpact: "PARTIAL",
                  integrityImpact: "PARTIAL",
                  vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                  version: "2.0",
               },
               exploitabilityScore: 8.6,
               impactScore: 6.4,
               obtainAllPrivilege: false,
               obtainOtherPrivilege: false,
               obtainUserPrivilege: false,
               severity: "MEDIUM",
               userInteractionRequired: true,
            },
         },
         lastModifiedDate: "2011-11-24T03:54Z",
         publishedDate: "2011-06-24T20:55Z",
      },
   },
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2011-0204

Vulnerability from cvelistv5

fkie_cve-2011-0204

Vulnerability from fkie_nvd

ghsa-h77j-6rq9-4jc3

Vulnerability from github

var-201106-0155

Vulnerability from variot

gsd-2011-0204

Vulnerability from gsd

Tags

Sightings

Nomenclature