cvelistv5 - cve-2011-1132

CVE-2011-1132 (GCVE-0-2011-1132)

Vulnerability from cvelistv5 – Published: 2011-06-24 20:00 – Updated: 2024-08-06 22:14

Summary

The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/Security-announce…	vendor-advisoryx_refsource_APPLE
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.securityfocus.com/bid/48422	vdb-entryx_refsource_BID
	http://support.apple.com/kb/HT4999	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:14:27.835Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-10-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "48422",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48422"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4999"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-18T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-10-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "48422",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48422"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4999"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1132",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-10-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "48422",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48422"
            },
            {
              "name": "http://support.apple.com/kb/HT4999",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4999"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1132",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2011-03-02T00:00:00",
    "dateUpdated": "2024-08-06T22:14:27.835Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C69DEE9-3FA5-408E-AD27-F5E7043F852A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D25D1FD3-C291-492C-83A7-0AFAFAADC98D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B565F77-C310-4B83-B098-22F9489C226C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"546EBFC8-79F0-42C2-9B9A-A76CA3F19470\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"119C8089-8C98-472E-9E9C-1741AA21DD35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"831C5105-6409-4743-8FB5-A91D8956202F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B63D169-E2AA-4315-891F-B4AF99F2753C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E715DFC-ADB8-43D0-9941-76BB0BE7BCF5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26E34E35-CCE9-42BE-9AFF-561D8AA90E25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A04FF6EE-D4DA-4D70-B0CE-154292828531\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9425320F-D119-49EB-9265-3159070DFE93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF0D1051-F850-4A02-ABA0-968E1336A518\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1C9705A-74D4-43BA-A119-C667678F9A15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BBF5FE5-4B25-47BE-8D9D-F228746408EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x_server:10.6.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CE84A25-CEFB-4165-9498-2E4BF60E2C0E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.\"}, {\"lang\": \"es\", \"value\": \"La implementaci\\u00f3n de IPv6 en el n\\u00facleo de Apple Mac OS X antes de v10.6.8 permite a usuarios locales provocar una denegaci\\u00f3n de servicio (por un puntero a NULL y el reinicio de la m\\u00e1quina) a trav\\u00e9s de vectores que implican opciones de socket.\"}]",
      "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\r\n\u0027CWE-476: NULL Pointer Dereference\u0027",
      "id": "CVE-2011-1132",
      "lastModified": "2024-11-21T01:25:37.380",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 4.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2011-06-24T20:55:02.653",
      "references": "[{\"url\": \"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4723\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4999\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/48422\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4723\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4999\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/48422\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-1132\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-06-24T20:55:02.653\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n de IPv6 en el n\u00facleo de Apple Mac OS X antes de v10.6.8 permite a usuarios locales provocar una denegaci\u00f3n de servicio (por un puntero a NULL y el reinicio de la m\u00e1quina) a trav\u00e9s de vectores que implican opciones de socket.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C69DEE9-3FA5-408E-AD27-F5E7043F852A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D25D1FD3-C291-492C-83A7-0AFAFAADC98D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B565F77-C310-4B83-B098-22F9489C226C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"546EBFC8-79F0-42C2-9B9A-A76CA3F19470\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"119C8089-8C98-472E-9E9C-1741AA21DD35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"831C5105-6409-4743-8FB5-A91D8956202F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B63D169-E2AA-4315-891F-B4AF99F2753C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E715DFC-ADB8-43D0-9941-76BB0BE7BCF5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26E34E35-CCE9-42BE-9AFF-561D8AA90E25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A04FF6EE-D4DA-4D70-B0CE-154292828531\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9425320F-D119-49EB-9265-3159070DFE93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF0D1051-F850-4A02-ABA0-968E1336A518\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1C9705A-74D4-43BA-A119-C667678F9A15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BBF5FE5-4B25-47BE-8D9D-F228746408EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CE84A25-CEFB-4165-9498-2E4BF60E2C0E\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4723\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4999\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/48422\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4723\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/48422\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"Per: http://cwe.mitre.org/data/definitions/476.html\\r\\n\u0027CWE-476: NULL Pointer Dereference\u0027\"}}"
  }
}

CERTA-2011-AVI-567

Vulnerability from certfr_avis - Published: - Updated:

De nombreuses vulnérabilités ont été corrigées dans Apple iOS pour iPhone, iPad et iPod touch dont certaines permettent une exécution de code arbitraire à distance.

Description

De nombreuses vulnérabilités ont été corrigées dans Apple iOS pour iPhone, iPad et iPod touch. Certaines permettent à une personne malintentionnée d'exécuter du code arbitraire à distance ou de récupérer le mot de passe du compte «Apple ID» utilisé. Les composants suivants ont été mise à jour :

CalDAV ;
Calendar ;
CFNetwork ;
CoreFoundation ;
CoreGraphics ;
CoreMedia ;
ImageIO ;
International Components for Unicode ;
Kernel ;
Keyboards ;
libxml ;
OfficeImport ;
Safari ;
Settings ;
UIKit ;
WebKit ;
WiFi.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	iPod touch avec iOS versions 4.3.5 et antérieures.
Apple	N/A	iPhone 4 et 3GS avec iOS versions 4.3.5 et antérieures ;
Apple	N/A	iPad avec iOS versions 4.3.5 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4999 du 12 octobre 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iPod touch avec iOS versions 4.3.5 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPhone 4 et 3GS avec iOS versions 4.3.5 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPad avec iOS versions 4.3.5 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple iOS pour\niPhone, iPad et iPod touch. Certaines permettent \u00e0 une personne\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance ou de r\u00e9cup\u00e9rer\nle mot de passe du compte \u00abApple ID\u00bb utilis\u00e9. Les composants suivants\nont \u00e9t\u00e9 mise \u00e0 jour\u00a0:\n\n-   CalDAV\u00a0;\n-   Calendar\u00a0;\n-   CFNetwork\u00a0;\n-   CoreFoundation\u00a0;\n-   CoreGraphics\u00a0;\n-   CoreMedia\u00a0;\n-   ImageIO\u00a0;\n-   International Components for Unicode\u00a0;\n-   Kernel\u00a0;\n-   Keyboards\u00a0;\n-   libxml\u00a0;\n-   OfficeImport\u00a0;\n-   Safari\u00a0;\n-   Settings\u00a0;\n-   UIKit\u00a0;\n-   WebKit\u00a0;\n-   WiFi.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1204"
    },
    {
      "name": "CVE-2011-1117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1117"
    },
    {
      "name": "CVE-2011-0187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0187"
    },
    {
      "name": "CVE-2011-0983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0983"
    },
    {
      "name": "CVE-2011-0259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0259"
    },
    {
      "name": "CVE-2011-2814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2814"
    },
    {
      "name": "CVE-2011-0208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0208"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-2823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2823"
    },
    {
      "name": "CVE-2011-2813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2813"
    },
    {
      "name": "CVE-2011-2359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2359"
    },
    {
      "name": "CVE-2011-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0216"
    },
    {
      "name": "CVE-2011-2788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2788"
    },
    {
      "name": "CVE-2011-1774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1774"
    },
    {
      "name": "CVE-2011-2819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2819"
    },
    {
      "name": "CVE-2011-2799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2799"
    },
    {
      "name": "CVE-2011-2341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2341"
    },
    {
      "name": "CVE-2011-0255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0255"
    },
    {
      "name": "CVE-2011-1190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1190"
    },
    {
      "name": "CVE-2011-3256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3256"
    },
    {
      "name": "CVE-2011-1188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1188"
    },
    {
      "name": "CVE-2011-0233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0233"
    },
    {
      "name": "CVE-2011-1115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1115"
    },
    {
      "name": "CVE-2011-1296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1296"
    },
    {
      "name": "CVE-2011-2351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2351"
    },
    {
      "name": "CVE-2011-2827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2827"
    },
    {
      "name": "CVE-2011-3432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3432"
    },
    {
      "name": "CVE-2011-0981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0981"
    },
    {
      "name": "CVE-2011-3254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3254"
    },
    {
      "name": "CVE-2011-0254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0254"
    },
    {
      "name": "CVE-2011-2831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2831"
    },
    {
      "name": "CVE-2011-0238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0238"
    },
    {
      "name": "CVE-2011-2800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2800"
    },
    {
      "name": "CVE-2011-1295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1295"
    },
    {
      "name": "CVE-2011-3434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3434"
    },
    {
      "name": "CVE-2011-0222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0222"
    },
    {
      "name": "CVE-2011-1121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1121"
    },
    {
      "name": "CVE-2011-1797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1797"
    },
    {
      "name": "CVE-2011-2817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2817"
    },
    {
      "name": "CVE-2011-0206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0206"
    },
    {
      "name": "CVE-2011-1451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1451"
    },
    {
      "name": "CVE-2011-2790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2790"
    },
    {
      "name": "CVE-2011-3243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3243"
    },
    {
      "name": "CVE-2011-3235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3235"
    },
    {
      "name": "CVE-2011-3237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3237"
    },
    {
      "name": "CVE-2011-3255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3255"
    },
    {
      "name": "CVE-2011-2805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2805"
    },
    {
      "name": "CVE-2011-0232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0232"
    },
    {
      "name": "CVE-2011-2356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2356"
    },
    {
      "name": "CVE-2011-3246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3246"
    },
    {
      "name": "CVE-2011-2797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2797"
    },
    {
      "name": "CVE-2011-2339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2339"
    },
    {
      "name": "CVE-2011-1288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1288"
    },
    {
      "name": "CVE-2011-1132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1132"
    },
    {
      "name": "CVE-2011-0241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0241"
    },
    {
      "name": "CVE-2011-1203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1203"
    },
    {
      "name": "CVE-2011-3245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3245"
    },
    {
      "name": "CVE-2011-0242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0242"
    },
    {
      "name": "CVE-2011-2809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2809"
    },
    {
      "name": "CVE-2011-3261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3261"
    },
    {
      "name": "CVE-2011-1293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1293"
    },
    {
      "name": "CVE-2011-3234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3234"
    },
    {
      "name": "CVE-2011-2338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2338"
    },
    {
      "name": "CVE-2011-3429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3429"
    },
    {
      "name": "CVE-2011-0184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0184"
    },
    {
      "name": "CVE-2011-3431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3431"
    },
    {
      "name": "CVE-2011-2792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2792"
    },
    {
      "name": "CVE-2011-0234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0234"
    },
    {
      "name": "CVE-2011-1449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1449"
    },
    {
      "name": "CVE-2011-3430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3430"
    },
    {
      "name": "CVE-2011-3259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3259"
    },
    {
      "name": "CVE-2011-2818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2818"
    },
    {
      "name": "CVE-2011-1457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1457"
    },
    {
      "name": "CVE-2011-0235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0235"
    },
    {
      "name": "CVE-2011-0225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0225"
    },
    {
      "name": "CVE-2011-3236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3236"
    },
    {
      "name": "CVE-2011-1114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1114"
    },
    {
      "name": "CVE-2011-3427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3427"
    },
    {
      "name": "CVE-2011-0166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0166"
    },
    {
      "name": "CVE-2011-2820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2820"
    },
    {
      "name": "CVE-2011-1109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1109"
    },
    {
      "name": "CVE-2011-0221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0221"
    },
    {
      "name": "CVE-2011-2354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2354"
    },
    {
      "name": "CVE-2011-2816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2816"
    },
    {
      "name": "CVE-2011-2352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2352"
    },
    {
      "name": "CVE-2011-1462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1462"
    },
    {
      "name": "CVE-2011-1453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1453"
    },
    {
      "name": "CVE-2011-0218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0218"
    },
    {
      "name": "CVE-2011-3257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3257"
    },
    {
      "name": "CVE-2011-3244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3244"
    },
    {
      "name": "CVE-2011-1107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1107"
    },
    {
      "name": "CVE-2011-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
    },
    {
      "name": "CVE-2011-3426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3426"
    },
    {
      "name": "CVE-2011-3260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3260"
    },
    {
      "name": "CVE-2011-3232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3232"
    },
    {
      "name": "CVE-2011-3253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3253"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-567",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple iOS pour\niPhone, iPad et iPod touch dont certaines permettent une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4999 du 12 octobre 2011",
      "url": "http://support.apple.com/kb/HT4999"
    }
  ]
}

CERTA-2011-AVI-567

Vulnerability from certfr_avis - Published: - Updated:

De nombreuses vulnérabilités ont été corrigées dans Apple iOS pour iPhone, iPad et iPod touch dont certaines permettent une exécution de code arbitraire à distance.

Description

CalDAV ;
Calendar ;
CFNetwork ;
CoreFoundation ;
CoreGraphics ;
CoreMedia ;
ImageIO ;
International Components for Unicode ;
Kernel ;
Keyboards ;
libxml ;
OfficeImport ;
Safari ;
Settings ;
UIKit ;
WebKit ;
WiFi.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	iPod touch avec iOS versions 4.3.5 et antérieures.
Apple	N/A	iPhone 4 et 3GS avec iOS versions 4.3.5 et antérieures ;
Apple	N/A	iPad avec iOS versions 4.3.5 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4999 du 12 octobre 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iPod touch avec iOS versions 4.3.5 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPhone 4 et 3GS avec iOS versions 4.3.5 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPad avec iOS versions 4.3.5 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple iOS pour\niPhone, iPad et iPod touch. Certaines permettent \u00e0 une personne\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance ou de r\u00e9cup\u00e9rer\nle mot de passe du compte \u00abApple ID\u00bb utilis\u00e9. Les composants suivants\nont \u00e9t\u00e9 mise \u00e0 jour\u00a0:\n\n-   CalDAV\u00a0;\n-   Calendar\u00a0;\n-   CFNetwork\u00a0;\n-   CoreFoundation\u00a0;\n-   CoreGraphics\u00a0;\n-   CoreMedia\u00a0;\n-   ImageIO\u00a0;\n-   International Components for Unicode\u00a0;\n-   Kernel\u00a0;\n-   Keyboards\u00a0;\n-   libxml\u00a0;\n-   OfficeImport\u00a0;\n-   Safari\u00a0;\n-   Settings\u00a0;\n-   UIKit\u00a0;\n-   WebKit\u00a0;\n-   WiFi.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1204"
    },
    {
      "name": "CVE-2011-1117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1117"
    },
    {
      "name": "CVE-2011-0187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0187"
    },
    {
      "name": "CVE-2011-0983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0983"
    },
    {
      "name": "CVE-2011-0259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0259"
    },
    {
      "name": "CVE-2011-2814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2814"
    },
    {
      "name": "CVE-2011-0208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0208"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-2823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2823"
    },
    {
      "name": "CVE-2011-2813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2813"
    },
    {
      "name": "CVE-2011-2359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2359"
    },
    {
      "name": "CVE-2011-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0216"
    },
    {
      "name": "CVE-2011-2788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2788"
    },
    {
      "name": "CVE-2011-1774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1774"
    },
    {
      "name": "CVE-2011-2819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2819"
    },
    {
      "name": "CVE-2011-2799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2799"
    },
    {
      "name": "CVE-2011-2341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2341"
    },
    {
      "name": "CVE-2011-0255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0255"
    },
    {
      "name": "CVE-2011-1190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1190"
    },
    {
      "name": "CVE-2011-3256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3256"
    },
    {
      "name": "CVE-2011-1188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1188"
    },
    {
      "name": "CVE-2011-0233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0233"
    },
    {
      "name": "CVE-2011-1115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1115"
    },
    {
      "name": "CVE-2011-1296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1296"
    },
    {
      "name": "CVE-2011-2351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2351"
    },
    {
      "name": "CVE-2011-2827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2827"
    },
    {
      "name": "CVE-2011-3432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3432"
    },
    {
      "name": "CVE-2011-0981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0981"
    },
    {
      "name": "CVE-2011-3254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3254"
    },
    {
      "name": "CVE-2011-0254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0254"
    },
    {
      "name": "CVE-2011-2831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2831"
    },
    {
      "name": "CVE-2011-0238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0238"
    },
    {
      "name": "CVE-2011-2800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2800"
    },
    {
      "name": "CVE-2011-1295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1295"
    },
    {
      "name": "CVE-2011-3434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3434"
    },
    {
      "name": "CVE-2011-0222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0222"
    },
    {
      "name": "CVE-2011-1121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1121"
    },
    {
      "name": "CVE-2011-1797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1797"
    },
    {
      "name": "CVE-2011-2817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2817"
    },
    {
      "name": "CVE-2011-0206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0206"
    },
    {
      "name": "CVE-2011-1451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1451"
    },
    {
      "name": "CVE-2011-2790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2790"
    },
    {
      "name": "CVE-2011-3243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3243"
    },
    {
      "name": "CVE-2011-3235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3235"
    },
    {
      "name": "CVE-2011-3237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3237"
    },
    {
      "name": "CVE-2011-3255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3255"
    },
    {
      "name": "CVE-2011-2805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2805"
    },
    {
      "name": "CVE-2011-0232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0232"
    },
    {
      "name": "CVE-2011-2356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2356"
    },
    {
      "name": "CVE-2011-3246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3246"
    },
    {
      "name": "CVE-2011-2797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2797"
    },
    {
      "name": "CVE-2011-2339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2339"
    },
    {
      "name": "CVE-2011-1288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1288"
    },
    {
      "name": "CVE-2011-1132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1132"
    },
    {
      "name": "CVE-2011-0241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0241"
    },
    {
      "name": "CVE-2011-1203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1203"
    },
    {
      "name": "CVE-2011-3245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3245"
    },
    {
      "name": "CVE-2011-0242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0242"
    },
    {
      "name": "CVE-2011-2809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2809"
    },
    {
      "name": "CVE-2011-3261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3261"
    },
    {
      "name": "CVE-2011-1293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1293"
    },
    {
      "name": "CVE-2011-3234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3234"
    },
    {
      "name": "CVE-2011-2338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2338"
    },
    {
      "name": "CVE-2011-3429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3429"
    },
    {
      "name": "CVE-2011-0184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0184"
    },
    {
      "name": "CVE-2011-3431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3431"
    },
    {
      "name": "CVE-2011-2792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2792"
    },
    {
      "name": "CVE-2011-0234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0234"
    },
    {
      "name": "CVE-2011-1449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1449"
    },
    {
      "name": "CVE-2011-3430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3430"
    },
    {
      "name": "CVE-2011-3259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3259"
    },
    {
      "name": "CVE-2011-2818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2818"
    },
    {
      "name": "CVE-2011-1457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1457"
    },
    {
      "name": "CVE-2011-0235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0235"
    },
    {
      "name": "CVE-2011-0225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0225"
    },
    {
      "name": "CVE-2011-3236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3236"
    },
    {
      "name": "CVE-2011-1114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1114"
    },
    {
      "name": "CVE-2011-3427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3427"
    },
    {
      "name": "CVE-2011-0166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0166"
    },
    {
      "name": "CVE-2011-2820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2820"
    },
    {
      "name": "CVE-2011-1109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1109"
    },
    {
      "name": "CVE-2011-0221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0221"
    },
    {
      "name": "CVE-2011-2354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2354"
    },
    {
      "name": "CVE-2011-2816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2816"
    },
    {
      "name": "CVE-2011-2352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2352"
    },
    {
      "name": "CVE-2011-1462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1462"
    },
    {
      "name": "CVE-2011-1453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1453"
    },
    {
      "name": "CVE-2011-0218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0218"
    },
    {
      "name": "CVE-2011-3257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3257"
    },
    {
      "name": "CVE-2011-3244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3244"
    },
    {
      "name": "CVE-2011-1107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1107"
    },
    {
      "name": "CVE-2011-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
    },
    {
      "name": "CVE-2011-3426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3426"
    },
    {
      "name": "CVE-2011-3260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3260"
    },
    {
      "name": "CVE-2011-3232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3232"
    },
    {
      "name": "CVE-2011-3253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3253"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-567",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple iOS pour\niPhone, iPad et iPod touch dont certaines permettent une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4999 du 12 octobre 2011",
      "url": "http://support.apple.com/kb/HT4999"
    }
  ]
}

CERTA-2011-AVI-369

Vulnerability from certfr_avis - Published: - Updated:

De nombreuses vulnérabilités ont été corrigées dans Mac OS X. Leur exploitation permet, entre autres, l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Mac OS X, notamment :

AirPort ;
App Store ;
Gestion des certificats ;
ColorSync ;
CoreFoundation ;
CoreGraphics ;
FTP Server ;
ImageIO ;
Kernel ;
Libsystem ;
Libxslt ;
MobileMe ;
MySQL ;
OpenSSL ;
QuickTime ;
Samba ;
Servermgrd ;
Subversion.

Certaines vulnérabilités permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Mac OS X 10.5.8 ;
N/A	N/A	Mac OS X Server 10.6.x.
N/A	N/A	Mac OS X Server 10.5.8 ;
N/A	N/A	Mac OS X 10.6.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4723 du 23 juin 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.6.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Mac OS X, notamment\u00a0:\n\n-   AirPort\u00a0;\n-   App Store\u00a0;\n-   Gestion des certificats\u00a0;\n-   ColorSync\u00a0;\n-   CoreFoundation\u00a0;\n-   CoreGraphics\u00a0;\n-   FTP Server\u00a0;\n-   ImageIO\u00a0;\n-   Kernel\u00a0;\n-   Libsystem\u00a0;\n-   Libxslt\u00a0;\n-   MobileMe\u00a0;\n-   MySQL\u00a0;\n-   OpenSSL\u00a0;\n-   QuickTime\u00a0;\n-   Samba\u00a0;\n-   Servermgrd\u00a0;\n-   Subversion.\n\nCertaines vuln\u00e9rabilit\u00e9s permettent l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0195"
    },
    {
      "name": "CVE-2011-0200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0200"
    },
    {
      "name": "CVE-2011-0208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0208"
    },
    {
      "name": "CVE-2010-4651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4651"
    },
    {
      "name": "CVE-2010-3835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3835"
    },
    {
      "name": "CVE-2011-0198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0198"
    },
    {
      "name": "CVE-2011-0715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0715"
    },
    {
      "name": "CVE-2010-3837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3837"
    },
    {
      "name": "CVE-2010-3682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3682"
    },
    {
      "name": "CVE-2011-0207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0207"
    },
    {
      "name": "CVE-2011-0202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0202"
    },
    {
      "name": "CVE-2011-0196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0196"
    },
    {
      "name": "CVE-2010-3677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3677"
    },
    {
      "name": "CVE-2011-0197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0197"
    },
    {
      "name": "CVE-2011-0210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0210"
    },
    {
      "name": "CVE-2011-0209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0209"
    },
    {
      "name": "CVE-2011-0203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0203"
    },
    {
      "name": "CVE-2011-0206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0206"
    },
    {
      "name": "CVE-2011-0719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0719"
    },
    {
      "name": "CVE-2010-3790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3790"
    },
    {
      "name": "CVE-2010-4180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4180"
    },
    {
      "name": "CVE-2009-3245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3245"
    },
    {
      "name": "CVE-2010-0740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0740"
    },
    {
      "name": "CVE-2010-2632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2632"
    },
    {
      "name": "CVE-2011-1132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1132"
    },
    {
      "name": "CVE-2011-0213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0213"
    },
    {
      "name": "CVE-2010-3838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3838"
    },
    {
      "name": "CVE-2011-0212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0212"
    },
    {
      "name": "CVE-2011-0205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0205"
    },
    {
      "name": "CVE-2010-3836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3836"
    },
    {
      "name": "CVE-2011-0204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0204"
    },
    {
      "name": "CVE-2011-0199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0199"
    },
    {
      "name": "CVE-2010-3069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3069"
    },
    {
      "name": "CVE-2011-0201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0201"
    },
    {
      "name": "CVE-2010-3864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3864"
    },
    {
      "name": "CVE-2010-3833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3833"
    },
    {
      "name": "CVE-2011-0014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0014"
    },
    {
      "name": "CVE-2011-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0211"
    },
    {
      "name": "CVE-2010-3834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3834"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-369",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-06-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Mac OS X. Leur\nexploitation permet, entre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4723 du 23 juin 2011",
      "url": "http://docs.info.apple.com/article.html?artnum=HT4723"
    }
  ]
}

CERTA-2011-AVI-369

Vulnerability from certfr_avis - Published: - Updated:

De nombreuses vulnérabilités ont été corrigées dans Mac OS X. Leur exploitation permet, entre autres, l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Mac OS X, notamment :

AirPort ;
App Store ;
Gestion des certificats ;
ColorSync ;
CoreFoundation ;
CoreGraphics ;
FTP Server ;
ImageIO ;
Kernel ;
Libsystem ;
Libxslt ;
MobileMe ;
MySQL ;
OpenSSL ;
QuickTime ;
Samba ;
Servermgrd ;
Subversion.

Certaines vulnérabilités permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Mac OS X 10.5.8 ;
N/A	N/A	Mac OS X Server 10.6.x.
N/A	N/A	Mac OS X Server 10.5.8 ;
N/A	N/A	Mac OS X 10.6.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4723 du 23 juin 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.6.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Mac OS X, notamment\u00a0:\n\n-   AirPort\u00a0;\n-   App Store\u00a0;\n-   Gestion des certificats\u00a0;\n-   ColorSync\u00a0;\n-   CoreFoundation\u00a0;\n-   CoreGraphics\u00a0;\n-   FTP Server\u00a0;\n-   ImageIO\u00a0;\n-   Kernel\u00a0;\n-   Libsystem\u00a0;\n-   Libxslt\u00a0;\n-   MobileMe\u00a0;\n-   MySQL\u00a0;\n-   OpenSSL\u00a0;\n-   QuickTime\u00a0;\n-   Samba\u00a0;\n-   Servermgrd\u00a0;\n-   Subversion.\n\nCertaines vuln\u00e9rabilit\u00e9s permettent l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0195"
    },
    {
      "name": "CVE-2011-0200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0200"
    },
    {
      "name": "CVE-2011-0208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0208"
    },
    {
      "name": "CVE-2010-4651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4651"
    },
    {
      "name": "CVE-2010-3835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3835"
    },
    {
      "name": "CVE-2011-0198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0198"
    },
    {
      "name": "CVE-2011-0715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0715"
    },
    {
      "name": "CVE-2010-3837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3837"
    },
    {
      "name": "CVE-2010-3682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3682"
    },
    {
      "name": "CVE-2011-0207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0207"
    },
    {
      "name": "CVE-2011-0202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0202"
    },
    {
      "name": "CVE-2011-0196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0196"
    },
    {
      "name": "CVE-2010-3677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3677"
    },
    {
      "name": "CVE-2011-0197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0197"
    },
    {
      "name": "CVE-2011-0210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0210"
    },
    {
      "name": "CVE-2011-0209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0209"
    },
    {
      "name": "CVE-2011-0203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0203"
    },
    {
      "name": "CVE-2011-0206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0206"
    },
    {
      "name": "CVE-2011-0719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0719"
    },
    {
      "name": "CVE-2010-3790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3790"
    },
    {
      "name": "CVE-2010-4180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4180"
    },
    {
      "name": "CVE-2009-3245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3245"
    },
    {
      "name": "CVE-2010-0740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0740"
    },
    {
      "name": "CVE-2010-2632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2632"
    },
    {
      "name": "CVE-2011-1132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1132"
    },
    {
      "name": "CVE-2011-0213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0213"
    },
    {
      "name": "CVE-2010-3838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3838"
    },
    {
      "name": "CVE-2011-0212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0212"
    },
    {
      "name": "CVE-2011-0205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0205"
    },
    {
      "name": "CVE-2010-3836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3836"
    },
    {
      "name": "CVE-2011-0204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0204"
    },
    {
      "name": "CVE-2011-0199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0199"
    },
    {
      "name": "CVE-2010-3069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3069"
    },
    {
      "name": "CVE-2011-0201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0201"
    },
    {
      "name": "CVE-2010-3864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3864"
    },
    {
      "name": "CVE-2010-3833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3833"
    },
    {
      "name": "CVE-2011-0014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0014"
    },
    {
      "name": "CVE-2011-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0211"
    },
    {
      "name": "CVE-2010-3834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3834"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-369",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-06-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Mac OS X. Leur\nexploitation permet, entre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4723 du 23 juin 2011",
      "url": "http://docs.info.apple.com/article.html?artnum=HT4723"
    }
  ]
}

FKIE_CVE-2011-1132

Vulnerability from fkie_nvd - Published: 2011-06-24 20:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.

References

URL	Tags
cve@mitre.org	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
cve@mitre.org	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	Patch, Vendor Advisory
cve@mitre.org	http://support.apple.com/kb/HT4723	Patch, Vendor Advisory
cve@mitre.org	http://support.apple.com/kb/HT4999
cve@mitre.org	http://www.securityfocus.com/bid/48422
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4723	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4999
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/48422

Impacted products

Vendor	Product	Version
apple	mac_os_x	10.6.0
apple	mac_os_x	10.6.1
apple	mac_os_x	10.6.2
apple	mac_os_x	10.6.3
apple	mac_os_x	10.6.4
apple	mac_os_x	10.6.5
apple	mac_os_x	10.6.6
apple	mac_os_x	10.6.7
apple	mac_os_x_server	10.6.0
apple	mac_os_x_server	10.6.1
apple	mac_os_x_server	10.6.2
apple	mac_os_x_server	10.6.3
apple	mac_os_x_server	10.6.4
apple	mac_os_x_server	10.6.5
apple	mac_os_x_server	10.6.6
apple	mac_os_x_server	10.6.7

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "119C8089-8C98-472E-9E9C-1741AA21DD35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "831C5105-6409-4743-8FB5-A91D8956202F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B63D169-E2AA-4315-891F-B4AF99F2753C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E715DFC-ADB8-43D0-9941-76BB0BE7BCF5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF0D1051-F850-4A02-ABA0-968E1336A518",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1C9705A-74D4-43BA-A119-C667678F9A15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBF5FE5-4B25-47BE-8D9D-F228746408EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE84A25-CEFB-4165-9498-2E4BF60E2C0E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n de IPv6 en el n\u00facleo de Apple Mac OS X antes de v10.6.8 permite a usuarios locales provocar una denegaci\u00f3n de servicio (por un puntero a NULL y el reinicio de la m\u00e1quina) a trav\u00e9s de vectores que implican opciones de socket."
    }
  ],
  "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\r\n\u0027CWE-476: NULL Pointer Dereference\u0027",
  "id": "CVE-2011-1132",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-06-24T20:55:02.653",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4723"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT4999"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/48422"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4723"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/48422"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201106-0018

Vulnerability from variot - Updated: 2023-12-18 10:52

The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options. Apple Mac OS X is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause a system reset, denying service to legitimate users. This issue affects Mac OS X 10.6 to 10.6.7 and Mac OS X Server 10.6 to 10.6.7. NOTE: This issue was previously discussed in BID 48412 (Apple Mac OS X Prior to 10.6.8 Multiple Security Vulnerabilities) but has been given its own record to better document it. ----------------------------------------------------------------------

Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/

TITLE: Apple Mac OS X Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA45054

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45054/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45054

RELEASE DATE: 2011-06-25

DISCUSS ADVISORY: http://secunia.com/advisories/45054/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/45054/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=45054

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.

1) An error within AirPort when handling Wi-Fi frames can be exploited to trigger an out-of-bounds memory access and cause a system reset.

2) An error within App Store may lead to a user's AppleID password being logged to a local file.

3) An unspecified error in the handling of embedded TrueType fonts in Apple Type Services (ATS) can be exploited to cause a heap-based buffer overflow when a specially crafted document is viewed or downloaded.

4) An error within Certificate Trust Policy when handling an Extended Validation (EV) certificate with no OCSP URL can be exploited to disclose certain sensitive information via Man-in-the-Middle (MitM) attacks.

5) An integer overflow error when processing ColorSync profiles embedded in images can be exploited to cause a heap-based buffer overflow and potentially execute arbitrary code via a specially crafted image.

6) An off-by-one error within the CoreFoundation framework when handling CFStrings can be exploited to execute arbitrary code.

7) An integer overflow error in CoreGraphics when handling PDF files containing Type 1 fonts can be exploited to cause a buffer overflow via a specially crafted PDF file.

8) A path validation error within xftpd can be exploited to perform a recursive directory listing and disclose the list of otherwise restricted files.

9) An error in ImageIO within the handling of TIFF files can be exploited to cause a heap-based buffer overflow.

10) An error in ImageIO within the handling of JPEG2000 files can be exploited to cause a heap-based buffer overflow.

11) An error within ICU (International Components for Unicode) when handling certain uppercase strings can be exploited to cause a buffer overflow.

13) An error within Libsystem when using the glob(3) API can be exploited to cause a high CPU consumption.

14) An error within libxslt can be exploited to disclose certain addresses from the heap.

For more information see vulnerability #2 in: SA43832

15) An error exists within MobileMe when determining a user's email aliases. This can be exploited to disclose a user's MobileMe email aliases via Man-in-the-Middle (MitM) attacks.

16) Some vulnerabilities are caused due to a vulnerable bundled version of MySQL.

For more information: SA41048 SA41716

17) Some vulnerabilities are caused due to a vulnerable bundled version of OpenSSL.

For more information: SA37291 SA38807 SA42243 SA42473 SA43227

18) A vulnerability is caused due to a vulnerable bundled version of GNU patch.

For more information: SA43677

19) An unspecified error in QuickLook within the processing of Microsoft Office files can be exploited to corrupt memory, which may allow execution of arbitrary code.

20) An integer overflow error in QuickTime when handling RIFF WAV files can be exploited to execute arbitrary code.

21) An error within QuickTime when processing sample tables in QuickTime movie files can be exploited to corrupt memory, which may allow execution of arbitrary code.

22) An integer overflow error in QuickTime when handling certain movie files can be exploited to execute arbitrary code.

23) An error in QuickTime when handling PICT image files can be exploited to cause a buffer overflow and execute arbitrary code.

24) An error in QuickTime when handling JPEG image files can be exploited to cause a buffer overflow and execute arbitrary code.

25) Some vulnerabilities are caused due to a vulnerable bundled version of Samba.

For more information: SA41354 SA43512

26) An error in servermgrd when handling XML-RPC requests can be exploited to disclose arbitrary files from the local resources.

27) A vulnerability is caused due to a vulnerable bundled version of subversion.

For more information: SA43603

SOLUTION: Update to version 10.6.8 or apply Security Update 2011-004.

Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Paul Nelson 3) Marc Schoenefeld, Red Hat Security Response Team and Harry Sintonen 4) Chris Hawk and Wan-Teh Chang, Google 5) binaryproof via ZDI 6) Harry Sintonen 7) Cristian Draghici, Modulo Consulting and Felix Grobert, Google Security Team 8) team karlkani 9) Dominic Chell, NGS Secure 10) Harry Sintonen 11) David Bienvenu, Mozilla 12) Thomas Clement, Intego 13) Maksymilian Arciemowicz 14) Chris Evans, Google Chrome Security Team 15) Aaron Sigel, vtty.com 19)Tobias Klein via iDefense 20, 22) Luigi Auriemma via ZDI 21) Honggang Ren, Fortinet's FortiGuard Labs 23) Subreption LLC via ZDI 24) Luigi Auriemma via iDefense

1, 26) Reported by the vendor

ORIGINAL ADVISORY: Apple Security Update 2011-004: http://support.apple.com/kb/HT4723

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201106-0018",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.6.2"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.6.3"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.6.4"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.6.5"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.6.6"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.6.7"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.6.7"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.6.1"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.6.6"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.6.0"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.6.5"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.6.4"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.6.3"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.6.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.6.0"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.6.2"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.6 to  v10.6.7"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.6 to  v10.6.7"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.6"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.7"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.9"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.7"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.10"
      },
      {
        "model": "ios beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "mac os server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.8"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "48422"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001842"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1132"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201106-319"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-1132"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Thomas Clement of Intego",
    "sources": [
      {
        "db": "BID",
        "id": "48422"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-1132",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 4.9,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2011-1132",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-49077",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2011-1132",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201106-319",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-49077",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49077"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001842"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1132"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201106-319"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options. Apple Mac OS X is prone to a local denial-of-service vulnerability. \nLocal attackers can exploit this issue to cause a system reset, denying service to legitimate users. \nThis issue affects Mac OS X 10.6 to 10.6.7 and Mac OS X Server 10.6 to  10.6.7. \nNOTE: This issue was previously discussed in BID 48412 (Apple Mac OS X Prior to 10.6.8 Multiple Security Vulnerabilities) but has been given its own record to better document it. ----------------------------------------------------------------------\n\n\nFrost \u0026 Sullivan 2011 Report: Secunia Vulnerability Research\n\\\"Frost \u0026 Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\\\" This is just one of the key factors that influenced Frost \u0026 Sullivan to select Secunia over other companies. \nRead the report here:\nhttp://secunia.com/products/corporate/vim/fs_request_2011/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Mac OS X Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45054\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45054/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45054\n\nRELEASE DATE:\n2011-06-25\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45054/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45054/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45054\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nApple has issued a security update for Mac OS X, which fixes multiple\nvulnerabilities. \n\n1) An error within AirPort when handling Wi-Fi frames can be\nexploited to trigger an out-of-bounds memory access and cause a\nsystem reset. \n\n2) An error within App Store may lead to a user\u0027s AppleID password\nbeing logged to a local file. \n\n3) An unspecified error in the handling of embedded TrueType fonts in\nApple Type Services (ATS) can be exploited to cause a heap-based\nbuffer overflow when a specially crafted document is viewed or\ndownloaded. \n\n4) An error within Certificate Trust Policy when handling an Extended\nValidation (EV) certificate with no OCSP URL can be exploited to\ndisclose certain sensitive information via Man-in-the-Middle (MitM)\nattacks. \n\n5) An integer overflow error when processing ColorSync profiles\nembedded in images can be exploited to cause a heap-based buffer\noverflow and potentially execute arbitrary code via a specially\ncrafted image. \n\n6) An off-by-one error within the CoreFoundation framework when\nhandling CFStrings can be exploited to execute arbitrary code. \n\n7) An integer overflow error in CoreGraphics when handling PDF files\ncontaining Type 1 fonts can be exploited to cause a buffer overflow\nvia a specially crafted PDF file. \n\n8) A path validation error within xftpd can be exploited to perform a\nrecursive directory listing and disclose the list of otherwise\nrestricted files. \n\n9) An error in ImageIO within the handling of TIFF files can be\nexploited to cause a heap-based buffer overflow. \n\n10) An error in ImageIO within the handling of JPEG2000 files can be\nexploited to cause a heap-based buffer overflow. \n\n11) An error within ICU (International Components for Unicode) when\nhandling certain uppercase strings can be exploited to cause a buffer\noverflow. \n\n13) An error within Libsystem when using the glob(3) API can be\nexploited to cause a high CPU consumption. \n\n14) An error within libxslt can be exploited to disclose certain\naddresses from the heap. \n\nFor more information see vulnerability #2 in:\nSA43832\n\n15) An error exists within MobileMe when determining a user\u0027s email\naliases. This can be exploited to disclose a user\u0027s MobileMe email\naliases via Man-in-the-Middle (MitM) attacks. \n\n16) Some vulnerabilities are caused due to a vulnerable bundled\nversion of MySQL. \n\nFor more information:\nSA41048\nSA41716\n\n17) Some vulnerabilities are caused due to a vulnerable bundled\nversion of OpenSSL. \n\nFor more information:\nSA37291\nSA38807\nSA42243\nSA42473\nSA43227\n\n18) A vulnerability is caused due to a vulnerable bundled version of\nGNU patch. \n\nFor more information:\nSA43677\n\n19) An unspecified error in QuickLook within the processing of\nMicrosoft Office files can be exploited to corrupt memory, which may\nallow execution of arbitrary code. \n\n20) An integer overflow error in QuickTime when handling RIFF WAV\nfiles can be exploited to execute arbitrary code. \n\n21) An error within QuickTime when processing sample tables in\nQuickTime movie files can be exploited to corrupt memory, which may\nallow execution of arbitrary code. \n\n22) An integer overflow error in QuickTime when handling certain\nmovie files can be exploited to execute arbitrary code. \n\n23) An error in QuickTime when handling PICT image files can be\nexploited to cause a buffer overflow and execute arbitrary code. \n\n24) An error in QuickTime when handling JPEG image files can be\nexploited to cause a buffer overflow and execute arbitrary code. \n\n25) Some vulnerabilities are caused due to a vulnerable bundled\nversion of Samba. \n\nFor more information:\nSA41354\nSA43512\n\n26) An error in servermgrd when handling XML-RPC requests can be\nexploited to disclose arbitrary files from the local resources. \n\n27) A vulnerability is caused due to a vulnerable bundled version of\nsubversion. \n\nFor more information:\nSA43603\n\nSOLUTION:\nUpdate to version 10.6.8 or apply Security Update 2011-004. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n2) Paul Nelson\n3) Marc Schoenefeld, Red Hat Security Response Team and Harry\nSintonen\n4) Chris Hawk and Wan-Teh Chang, Google\n5) binaryproof via ZDI\n6) Harry Sintonen\n7) Cristian Draghici, Modulo Consulting and Felix Grobert, Google\nSecurity Team\n8) team karlkani\n9) Dominic Chell, NGS Secure\n10) Harry Sintonen\n11) David Bienvenu, Mozilla\n12) Thomas Clement, Intego\n13) Maksymilian Arciemowicz\n14) Chris Evans, Google Chrome Security Team\n15) Aaron Sigel, vtty.com\n19)Tobias Klein via iDefense\n20, 22) Luigi Auriemma via ZDI\n21) Honggang Ren, Fortinet\u0027s FortiGuard Labs\n23) Subreption LLC via ZDI\n24) Luigi Auriemma via iDefense\n\n1, 26) Reported by the vendor\n\nORIGINAL ADVISORY:\nApple Security Update 2011-004:\nhttp://support.apple.com/kb/HT4723\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-1132"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001842"
      },
      {
        "db": "BID",
        "id": "48422"
      },
      {
        "db": "VULHUB",
        "id": "VHN-49077"
      },
      {
        "db": "PACKETSTORM",
        "id": "102569"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-1132",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "48422",
        "trust": 1.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001842",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201106-319",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "45054",
        "trust": 0.7
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2011-06-23-1",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "17108",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "17115",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-49077",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "102569",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49077"
      },
      {
        "db": "BID",
        "id": "48422"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001842"
      },
      {
        "db": "PACKETSTORM",
        "id": "102569"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1132"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201106-319"
      }
    ]
  },
  "id": "VAR-201106-0018",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49077"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T10:52:27.776000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT4723",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4723"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001842"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001842"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1132"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://support.apple.com/kb/ht4723"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2011//jun/msg00000.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00001.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/48422"
      },
      {
        "trust": 1.1,
        "url": "http://support.apple.com/kb/ht4999"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1132"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu976710"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1132"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/45054"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/17115"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/17108"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/macosx/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/vim/fs_request_2011/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/45054/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45054"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/45054/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49077"
      },
      {
        "db": "BID",
        "id": "48422"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001842"
      },
      {
        "db": "PACKETSTORM",
        "id": "102569"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1132"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201106-319"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-49077"
      },
      {
        "db": "BID",
        "id": "48422"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001842"
      },
      {
        "db": "PACKETSTORM",
        "id": "102569"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1132"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201106-319"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-06-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-49077"
      },
      {
        "date": "2011-06-23T00:00:00",
        "db": "BID",
        "id": "48422"
      },
      {
        "date": "2011-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-001842"
      },
      {
        "date": "2011-06-24T11:18:16",
        "db": "PACKETSTORM",
        "id": "102569"
      },
      {
        "date": "2011-06-24T20:55:02.653000",
        "db": "NVD",
        "id": "CVE-2011-1132"
      },
      {
        "date": "2011-06-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201106-319"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-10-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-49077"
      },
      {
        "date": "2015-03-19T09:16:00",
        "db": "BID",
        "id": "48422"
      },
      {
        "date": "2011-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-001842"
      },
      {
        "date": "2011-10-27T03:23:47.620000",
        "db": "NVD",
        "id": "CVE-2011-1132"
      },
      {
        "date": "2011-06-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201106-319"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "48422"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201106-319"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Mac OS X of  kernel of  IPv6 Service disruption in implementation  (Null Pointer dereference and reboot ) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001842"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201106-319"
      }
    ],
    "trust": 0.6
  }
}

GHSA-4R7F-44RF-3G28

Vulnerability from github – Published: 2022-05-17 05:37 – Updated: 2022-05-17 05:37

Details

The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-1132"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-06-24T20:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.",
  "id": "GHSA-4r7f-44rf-3g28",
  "modified": "2022-05-17T05:37:17Z",
  "published": "2022-05-17T05:37:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1132"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4723"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4999"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/48422"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2011-1132

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.

Aliases

CVE-2011-1132

Aliases

CVE-2011-1132

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-1132",
    "description": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.",
    "id": "GSD-2011-1132"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-1132"
      ],
      "details": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.",
      "id": "GSD-2011-1132",
      "modified": "2023-12-13T01:19:08.719284Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2011-1132",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://support.apple.com/kb/HT4723",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-10-12-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "48422",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/48422"
          },
          {
            "name": "http://support.apple.com/kb/HT4999",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4999"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1132"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4999",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT4999"
            },
            {
              "name": "APPLE-SA-2011-10-12-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
            },
            {
              "name": "48422",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/48422"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2011-10-27T03:23Z",
      "publishedDate": "2011-06-24T20:55Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-1132 (GCVE-0-2011-1132)

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Tags

Sightings

Nomenclature