Vulnerabilities > CVE-2011-3437 - Numeric Errors vulnerability in Apple mac OS X and mac OS X Server

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
apple
CWE-189
nessus

Summary

Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.7 before 10.7.2 allows remote attackers to execute arbitrary code via a crafted embedded Type 1 font in a document.

Common Weakness Enumeration (CWE)

Nessus

NASL familyMacOS X Local Security Checks
NASL idMACOSX_10_7_2.NASL
descriptionThe remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.2. This version contains numerous security-related fixes for the following components : - Apache - Application Firewall - ATS - BIND - Certificate Trust Policy - CFNetwork - CoreMedia - CoreProcesses - CoreStorage - File Systems - iChat Server - Kernel - libsecurity - Open Directory - PHP - python - QuickTime - SMB File Server - X11
last seen2020-06-01
modified2020-06-02
plugin id56480
published2011-10-13
reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/56480
titleMac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities