Vulnerabilities > CVE-2011-0202 - Numeric Errors vulnerability in Apple mac OS X and mac OS X Server

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
apple
CWE-189
nessus

Summary

Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2011-004.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5 that does not have Security Update 2011-004 applied. This update contains security- related fixes for the following components : - AirPort - App Store - ColorSync - CoreGraphics - ImageIO - Libsystem - libxslt - MySQL - patch - Samba - servermgrd - subversion
    last seen2020-06-01
    modified2020-06-02
    plugin id55415
    published2011-06-24
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/55415
    titleMac OS X Multiple Vulnerabilities (Security Update 2011-004)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SAFARI5_1.NASL
    descriptionThe version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 11.1. It is, therefore, affected by multiple vulnerabilities as described in the HT4808 security advisory.
    last seen2020-06-01
    modified2020-06-02
    plugin id55638
    published2011-07-21
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55638
    titleMac OS X : Apple Safari < 5.1 / 5.0.6
  • NASL familyWindows
    NASL idSAFARI_5_1.NASL
    descriptionThe version of Safari installed on the remote Windows host is earlier than 5.1. As such, it is potentially affected by numerous issues in the following components : - CFNetwork - ColorSync - CoreFoundation - CoreGraphics - International Components for Unicode - ImageIO - libxslt - libxml - Safari - WebKit
    last seen2020-06-01
    modified2020-06-02
    plugin id55639
    published2011-07-21
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/55639
    titleSafari < 5.1 Multiple Vulnerabilities
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_6_8.NASL
    descriptionThe remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.8. This update contains security-related fixes for the following components : - App Store - ATS - Certificate Trust Policy - CoreFoundation - CoreGraphics - FTP Server - ImageIO - International Components for Unicode - Kernel - Libsystem - libxslt - MobileMe - MySQL - OpenSSL - patch - QuickLook - QuickTime - Samba - servermgrd - subversion
    last seen2020-06-01
    modified2020-06-02
    plugin id55416
    published2011-06-24
    reporterThis script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55416
    titleMac OS X 10.6.x < 10.6.8 Multiple Vulnerabilities

Seebug

bulletinFamilyexploit
descriptionBugtraq ID: 48412 CVE ID:CVE-2011-0196 CVE-2011-0197 CVE-2011-0198 CVE-2011-0199 CVE-2011-0200 CVE-2011-0201 CVE-2011-0202 CVE-2011-0203 CVE-2011-0204 CVE-2011-0205 CVE-2011-0206 CVE-2011-0207 CVE-2011-0208 CVE-2011-0209 CVE-2011-0210 CVE-2011-0211 CVE-2011-0212 CVE-2011-0213 CVE-2011-1132 Apple Mac OS X是一款商业性质的操作系统。 Apple Mac OS X 2011-004安全公告修复了多个安全漏洞,这些漏洞影响AirPort, App Store, ATS, Certificate Trust Policy, ColorSync, CoreFoundation, CoreGraphics, FTP Server, ImageIO, International Components for Unicode, MobileMe, QuickLook, QuickTime和servermgrd。 CVE-2011-0196: CNCVE ID:CNCVE-20110196 CNCVE-20110196 处理Wi-Fi帧存在越界读问题,当连接到Wi-Fi时,在同一网络的攻击者可使系统重置。 CVE-2011-0197: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 在某些条件下,App Store会记录用户AppleID密码到其他用户不可读的文件中。 CVE-2011-0198: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 处理TrueType字体存在堆缓冲区溢出,查看或下载包含恶意字体的文档可执行任意代码。 CVE-2011-0199: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 证书信任策略存在一个错误处理问题。如果扩展验证(EV)证书没有OCSP URL,并且启用了CRL,那么CRL不会被检查并会接收作废的证书作为合法证书。 CVE-2011-0200: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 处理嵌入ColorSync配置文件的图像时存在整数溢出,可导致堆缓冲区溢出。 CVE-2011-0201: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 处理CFStrings存在单字节缓冲区溢出,可导致应用程序崩溃或任意代码执行。 CVE-2011-0202: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 处理Type 1字体存在整数溢出,查看和下载嵌入特制字体的文档可导致任意代码执行。 CVE-2011-0203: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 xftpd存在路径校验错误,具有FTP访问的用户可列出系统文件。 CVE-2011-0204: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 CNCVE-20110204 ImageIO处理TIFF图像存在堆缓冲区溢出,查看特制的TIFF图像可导致应用程序崩溃或执行任意代码。 CVE-2011-0205: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 CNCVE-20110204 CNCVE-20110205 ImageIO处理JPEG2000图像存在堆缓冲区溢出,查看特制的TIFF图像可导致应用程序崩溃或执行任意代码。 CVE-2011-0206: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 CNCVE-20110204 CNCVE-20110205 CNCVE-20110206 ICU处理大写字符串存在缓冲区溢出,可使使用ICU的应用程序崩溃。 CVE-2011-0207: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 CNCVE-20110204 CNCVE-20110205 CNCVE-20110206 CNCVE-20110207 通过MobileMe连接判断用户Email别名时,邮件会通过HTTP提交请求,结果可导致一个具体有特权网络位置的攻击者读取用户MobileMe email别名。 CVE-2011-0208: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 CNCVE-20110204 CNCVE-20110205 CNCVE-20110206 CNCVE-20110207 CNCVE-20110208 QuickLook处理Microsoft office文件存在内存破坏,下载特制的Microsoft Office文件可使应用程序崩溃或执行任意代码。 CVE-2011-0209: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 CNCVE-20110204 CNCVE-20110205 CNCVE-20110206 CNCVE-20110207 CNCVE-20110208 CNCVE-20110209 QuickTime处理RIFF WAV文件存在整数溢出,查看特制WAV文件可使应用程序崩溃或执行任意代码。 CVE-2011-0210: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 CNCVE-20110204 CNCVE-20110205 CNCVE-20110206 CNCVE-20110207 CNCVE-20110208 CNCVE-20110209 CNCVE-20110210 QuickTime处理QuickTime电影文件中的示例表时存在内存破坏,查看特制电影文件可使应用程序崩溃或执行任意代码。 CVE-2011-0211: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 CNCVE-20110204 CNCVE-20110205 CNCVE-20110206 CNCVE-20110207 CNCVE-20110208 CNCVE-20110209 CNCVE-20110210 CNCVE-20110211 QuickTime处理QuickTime电影文件存在整数溢出,查看特制电影文件可使应用程序崩溃或执行任意代码。 CVE-2011-0212: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 CNCVE-20110204 CNCVE-20110205 CNCVE-20110206 CNCVE-20110207 CNCVE-20110208 CNCVE-20110209 CNCVE-20110210 CNCVE-20110211 CNCVE-20110212 QuickTime处理PICT图像存在缓冲区溢出,查看特制PICT图像文件可使应用程序崩溃或执行任意代码。 CVE-2011-0213: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 CNCVE-20110204 CNCVE-20110205 CNCVE-20110206 CNCVE-20110207 CNCVE-20110208 CNCVE-20110209 CNCVE-20110210 CNCVE-20110211 CNCVE-20110212 CNCVE-20110213 QuickTime处理JPEG图像存在缓冲区溢出,查看特制JPEG图像文件可使应用程序崩溃或执行任意代码。 CVE-2011-1132: CNCVE ID:CNCVE-20110196 CNCVE-20110196 CNCVE-20110197 CNCVE-20110198 CNCVE-20110199 CNCVE-20110200 CNCVE-20110201 CNCVE-20110202 CNCVE-20110203 CNCVE-20110204 CNCVE-20110205 CNCVE-20110206 CNCVE-20110207 CNCVE-20110208 CNCVE-20110209 CNCVE-20110210 CNCVE-20110211 CNCVE-20110212 CNCVE-20110213 CNCVE-20111132 处理IPV6套接字选项存在空指针引用错误,本地用户可使系统重置。 Apple Mac OS X Server 10.6.6 Apple Mac OS X Server 10.6.5 Apple Mac OS X Server 10.6.5 Apple Mac OS X Server 10.6.4 Apple Mac OS X Server 10.6.3 Apple Mac OS X Server 10.6.2 Apple Mac OS X Server 10.6.1 Apple Mac OS X Server 10.5.8 Apple Mac OS X Server 10.5.7 Apple Mac OS X Server 10.5.6 Apple Mac OS X Server 10.5.5 Apple Mac OS X Server 10.5.4 Apple Mac OS X Server 10.5.3 Apple Mac OS X Server 10.5.2 Apple Mac OS X Server 10.5.1 Apple Mac OS X Server 10.5 Apple Mac Os X Server 10.6.7 Apple Mac OS X Server 10.6 Apple Mac OS X Server 10.5 Apple Mac OS X 10.6.5 Apple Mac OS X 10.6.4 Apple Mac OS X 10.6.3 Apple Mac OS X 10.6.2 Apple Mac OS X 10.6.1 Apple Mac OS X 10.5.8 Apple Mac OS X 10.5.7 Apple Mac OS X 10.5.6 Apple Mac OS X 10.5.5 Apple Mac OS X 10.5.4 Apple Mac OS X 10.5.3 Apple Mac OS X 10.5.2 Apple Mac OS X 10.5.1 Apple Mac OS X 10.5 Apple Mac OS X 10.6 Apple Mac OS X 10.5 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0b760113a3a155269a3fba93a409c640031dd68f
idSSV:20665
last seen2017-11-19
modified2011-06-27
published2011-06-27
reporterRoot
titleApple Mac OS X 10.6.8之前版本存在多个安全漏洞