var-201001-0684
Vulnerability from variot
Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file. Apple Mac OS X is prone to a buffer-overflow vulnerability that affects the CoreAudio component. Successful exploits may allow attackers to execute arbitrary code within the context of the application. Failed exploit attempts will likely result in a denial-of-service condition. The following versions are affected: Mac OS X 10.5.8 and prior Mac OS X Server 10.5.8 and prior Mac OS X 10.6.2 and prior Mac OS X Server 10.6.2 and prior. Users who are tricked into opening malicious mp4 files can cause denial of service or execute arbitrary commands.
2) An error in CUPS can be exploited to cause a DoS (Denial of Service).
For more information: SA37364
3) Multiple vulnerabilities in the Flash Player plug-in can be exploited to gain knowledge of system information or compromise a user's system.
For more information: SA37584
4) A vulnerability in ImageIO can be exploited to cause a DoS or to potentially compromise a user's system.
For more information: SA35515
5) A boundary error in Image RAW can be exploited to cause a buffer overflow via a specially crafted DNG image.
6) A vulnerability in OpenSSL can be exploited to manipulate certain data.
For more information: SA37291
SOLUTION: Apply Security Update 2010-001.
Security Update 2010-001 (Snow Leopard): http://support.apple.com/kb/DL994
Security Update 2010-001 Server (Leopard): http://support.apple.com/kb/DL992
Security Update 2010-001 Client (Leopard): http://support.apple.com/kb/DL993
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Tobias Klein, trapkit.de 3) Damian Put, TippingPoints Zero Day Initiative, Bing Liu of Fortinet's FortiGuard Global Security Research Team, Will Dormann of CERT, Manuel Caballero and Microsoft Vulnerability Research (MSVR) 5) Jason Carr, Carnegie Mellon University Computing Services 6) Steve Dispensa and Marsh Ray, PhoneFactor, Inc.
ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4004
OTHER REFERENCES: SA35515: http://secunia.com/advisories/35515/
SA37291: http://secunia.com/advisories/37291/
SA37364: http://secunia.com/advisories/37364/
SA37584: http://secunia.com/advisories/37584/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201001-0684",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "1.0 to 3.1.2"
},
{
"model": "ios for ipod touch",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "1.1 to 3.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ipod touch",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "iphone",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
}
],
"sources": [
{
"db": "BID",
"id": "37868"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001041"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-199"
},
{
"db": "NVD",
"id": "CVE-2010-0036"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os_for_ipod_touch",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001041"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tobias Klein",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-199"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0036",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0036",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42641",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2010-0036",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0036",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2010-0036",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0036",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201001-199",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42641",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42641"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001041"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-199"
},
{
"db": "NVD",
"id": "CVE-2010-0036"
},
{
"db": "NVD",
"id": "CVE-2010-0036"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file. Apple Mac OS X is prone to a buffer-overflow vulnerability that affects the CoreAudio component. \nSuccessful exploits may allow attackers to execute arbitrary code within the context of the application. Failed exploit attempts will likely result in a denial-of-service condition. \nThe following versions are affected:\nMac OS X 10.5.8 and prior\nMac OS X Server 10.5.8 and prior\nMac OS X 10.6.2 and prior\nMac OS X Server 10.6.2 and prior. Users who are tricked into opening malicious mp4 files can cause denial of service or execute arbitrary commands. \n\n2) An error in CUPS can be exploited to cause a DoS (Denial of\nService). \n\nFor more information:\nSA37364\n\n3) Multiple vulnerabilities in the Flash Player plug-in can be\nexploited to gain knowledge of system information or compromise a\nuser\u0027s system. \n\nFor more information:\nSA37584\n\n4) A vulnerability in ImageIO can be exploited to cause a DoS or to\npotentially compromise a user\u0027s system. \n\nFor more information:\nSA35515\n\n5) A boundary error in Image RAW can be exploited to cause a buffer\noverflow via a specially crafted DNG image. \n\n6) A vulnerability in OpenSSL can be exploited to manipulate certain\ndata. \n\nFor more information:\nSA37291\n\nSOLUTION:\nApply Security Update 2010-001. \n\nSecurity Update 2010-001 (Snow Leopard):\nhttp://support.apple.com/kb/DL994\n\nSecurity Update 2010-001 Server (Leopard):\nhttp://support.apple.com/kb/DL992\n\nSecurity Update 2010-001 Client (Leopard):\nhttp://support.apple.com/kb/DL993\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) Tobias Klein, trapkit.de\n3) Damian Put, TippingPoints Zero Day Initiative, Bing Liu of\nFortinet\u0027s FortiGuard Global Security Research Team, Will Dormann of\nCERT, Manuel Caballero and Microsoft Vulnerability Research (MSVR)\n5) Jason Carr, Carnegie Mellon University Computing Services\n6) Steve Dispensa and Marsh Ray, PhoneFactor, Inc. \n\nORIGINAL ADVISORY:\nApple:\nhttp://support.apple.com/kb/HT4004\n\nOTHER REFERENCES:\nSA35515:\nhttp://secunia.com/advisories/35515/\n\nSA37291:\nhttp://secunia.com/advisories/37291/\n\nSA37364:\nhttp://secunia.com/advisories/37364/\n\nSA37584:\nhttp://secunia.com/advisories/37584/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0036"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001041"
},
{
"db": "BID",
"id": "37868"
},
{
"db": "VULHUB",
"id": "VHN-42641"
},
{
"db": "PACKETSTORM",
"id": "85459"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "37868",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2010-0036",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "38241",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0173",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1023472",
"trust": 2.5
},
{
"db": "XF",
"id": "55746",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001041",
"trust": 0.8
},
{
"db": "APPLE",
"id": "APPLE-SA-2010-01-19-1",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2010-02-02-1",
"trust": 0.6
},
{
"db": "XF",
"id": "4",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14375",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201001-199",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-42641",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85459",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42641"
},
{
"db": "BID",
"id": "37868"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001041"
},
{
"db": "PACKETSTORM",
"id": "85459"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-199"
},
{
"db": "NVD",
"id": "CVE-2010-0036"
}
]
},
"id": "VAR-201001-0684",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42641"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:14:01.629000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4004",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4004"
},
{
"title": "HT4013",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4013"
},
{
"title": "HT4004",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4004?viewlocale=ja_JP"
},
{
"title": "HT4013",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4013?viewlocale=ja_JP"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001041"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42641"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001041"
},
{
"db": "NVD",
"id": "CVE-2010-0036"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/37868"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1023472"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/38241"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0173"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4004"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2010/jan/msg00000.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2010/feb/msg00000.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht4013"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/55746"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55746"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0036"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0036"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14375"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38241/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37364/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/dl993"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/71/"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/dl994"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/dl992"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35515/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37291/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37584/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42641"
},
{
"db": "BID",
"id": "37868"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001041"
},
{
"db": "PACKETSTORM",
"id": "85459"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-199"
},
{
"db": "NVD",
"id": "CVE-2010-0036"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42641"
},
{
"db": "BID",
"id": "37868"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001041"
},
{
"db": "PACKETSTORM",
"id": "85459"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-199"
},
{
"db": "NVD",
"id": "CVE-2010-0036"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-20T00:00:00",
"db": "VULHUB",
"id": "VHN-42641"
},
{
"date": "2010-01-19T00:00:00",
"db": "BID",
"id": "37868"
},
{
"date": "2010-02-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001041"
},
{
"date": "2010-01-20T06:30:55",
"db": "PACKETSTORM",
"id": "85459"
},
{
"date": "2010-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-199"
},
{
"date": "2010-01-20T16:30:00.367000",
"db": "NVD",
"id": "CVE-2010-0036"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-17T00:00:00",
"db": "VULHUB",
"id": "VHN-42641"
},
{
"date": "2010-02-02T18:31:00",
"db": "BID",
"id": "37868"
},
{
"date": "2010-02-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001041"
},
{
"date": "2010-01-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-199"
},
{
"date": "2024-11-21T01:11:23.067000",
"db": "NVD",
"id": "CVE-2010-0036"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-199"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Mac OS X of CoreAudio Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001041"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-199"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…