Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-0192

Summary
Assigner-apple
Assigner Org ID-286789f9-fbc2-4510-9f9a-43facdede74c
Published At-03 Mar, 2011 | 19:00
Updated At-06 Aug, 2024 | 21:43
Rejected At-
Credits

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:apple
Assigner Org ID:286789f9-fbc2-4510-9f9a-43facdede74c
Published At:03 Mar, 2011 | 19:00
Updated At:06 Aug, 2024 | 21:43
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0845
vdb-entry
x_refsource_VUPEN
http://support.apple.com/kb/HT4564
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
vendor-advisory
x_refsource_SUSE
http://support.apple.com/kb/HT4565
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2011/0599
vdb-entry
x_refsource_VUPEN
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
vendor-advisory
x_refsource_SLACKWARE
http://www.securityfocus.com/bid/46658
vdb-entry
x_refsource_BID
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/43934
third-party-advisory
x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
vendor-advisory
x_refsource_FEDORA
http://support.apple.com/kb/HT4566
x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
vendor-advisory
x_refsource_FEDORA
http://www.vupen.com/english/advisories/2011/0621
vdb-entry
x_refsource_VUPEN
http://www.vupen.com/english/advisories/2011/0905
vdb-entry
x_refsource_VUPEN
http://www.debian.org/security/2011/dsa-2210
vendor-advisory
x_refsource_DEBIAN
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
vendor-advisory
x_refsource_APPLE
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
vendor-advisory
x_refsource_SUSE
http://blackberry.com/btsc/KB27244
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2011-0318.html
vendor-advisory
x_refsource_REDHAT
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/43664
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2011/0551
vdb-entry
x_refsource_VUPEN
http://security.gentoo.org/glsa/glsa-201209-02.xml
vendor-advisory
x_refsource_GENTOO
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
vendor-advisory
x_refsource_APPLE
http://www.vupen.com/english/advisories/2011/0930
vdb-entry
x_refsource_VUPEN
http://support.apple.com/kb/HT4999
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=678635
x_refsource_CONFIRM
http://www.securitytracker.com/id?1025153
vdb-entry
x_refsource_SECTRACK
http://support.apple.com/kb/HT5001
x_refsource_CONFIRM
http://support.apple.com/kb/HT4554
x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/44135
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2011/0960
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/43585
third-party-advisory
x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/44117
third-party-advisory
x_refsource_SECUNIA
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
vendor-advisory
x_refsource_APPLE
http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/43593
third-party-advisory
x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
vendor-advisory
x_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
vendor-advisory
x_refsource_FEDORA
http://secunia.com/advisories/50726
third-party-advisory
x_refsource_SECUNIA
http://support.apple.com/kb/HT4581
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2011/0845
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://support.apple.com/kb/HT4564
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://support.apple.com/kb/HT4565
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2011/0599
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: http://www.securityfocus.com/bid/46658
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/43934
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://support.apple.com/kb/HT4566
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.vupen.com/english/advisories/2011/0621
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2011/0905
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.debian.org/security/2011/dsa-2210
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://blackberry.com/btsc/KB27244
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0318.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/43664
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2011/0551
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://security.gentoo.org/glsa/glsa-201209-02.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://www.vupen.com/english/advisories/2011/0930
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://support.apple.com/kb/HT4999
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=678635
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securitytracker.com/id?1025153
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://support.apple.com/kb/HT5001
Resource:
x_refsource_CONFIRM
Hyperlink: http://support.apple.com/kb/HT4554
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/44135
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2011/0960
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/43585
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/44117
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/43593
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://secunia.com/advisories/50726
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://support.apple.com/kb/HT4581
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0845
vdb-entry
x_refsource_VUPEN
x_transferred
http://support.apple.com/kb/HT4564
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://support.apple.com/kb/HT4565
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2011/0599
vdb-entry
x_refsource_VUPEN
x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
vendor-advisory
x_refsource_SLACKWARE
x_transferred
http://www.securityfocus.com/bid/46658
vdb-entry
x_refsource_BID
x_transferred
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/43934
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://support.apple.com/kb/HT4566
x_refsource_CONFIRM
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.vupen.com/english/advisories/2011/0621
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vupen.com/english/advisories/2011/0905
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.debian.org/security/2011/dsa-2210
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://blackberry.com/btsc/KB27244
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-0318.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/43664
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2011/0551
vdb-entry
x_refsource_VUPEN
x_transferred
http://security.gentoo.org/glsa/glsa-201209-02.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://www.vupen.com/english/advisories/2011/0930
vdb-entry
x_refsource_VUPEN
x_transferred
http://support.apple.com/kb/HT4999
x_refsource_CONFIRM
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=678635
x_refsource_CONFIRM
x_transferred
http://www.securitytracker.com/id?1025153
vdb-entry
x_refsource_SECTRACK
x_transferred
http://support.apple.com/kb/HT5001
x_refsource_CONFIRM
x_transferred
http://support.apple.com/kb/HT4554
x_refsource_CONFIRM
x_transferred
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/44135
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2011/0960
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/43585
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/44117
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/43593
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://secunia.com/advisories/50726
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://support.apple.com/kb/HT4581
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0845
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://support.apple.com/kb/HT4564
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://support.apple.com/kb/HT4565
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0599
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/46658
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/43934
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://support.apple.com/kb/HT4566
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0621
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0905
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.debian.org/security/2011/dsa-2210
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://blackberry.com/btsc/KB27244
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0318.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/43664
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0551
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-201209-02.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0930
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://support.apple.com/kb/HT4999
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=678635
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securitytracker.com/id?1025153
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://support.apple.com/kb/HT5001
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://support.apple.com/kb/HT4554
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/44135
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0960
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/43585
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/44117
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/43593
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://secunia.com/advisories/50726
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://support.apple.com/kb/HT4581
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@apple.com
Published At:03 Mar, 2011 | 20:00
Updated At:11 Apr, 2025 | 00:51

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Apple Inc.
apple
>>itunes>>Versions up to 10.1.2(inclusive)
cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.0.0
cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.0.1
cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.1.0
cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.2.0
cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.5
cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.5.0
cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.6
cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.6.0
cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.7
cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.7.0
cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.7.1
cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.7.2
cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.8.0
cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>4.9.0
cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>5.0
cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>5.0.0
cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>5.0.1
cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>6.0.0
cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>6.0.1
cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>6.0.2
cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>6.0.3
cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>6.0.4
cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>6.0.4.2
cpe:2.3:a:apple:itunes:6.0.4.2:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>6.0.5
cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.0.0
cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.0.1
cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.0.2
cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.1.0
cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.1.1
cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.2.0
cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.3.0
cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.3.1
cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.3.2
cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.4
cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.4.0
cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.4.1
cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.4.2
cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.4.3
cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.5
cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.5.0
cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.6
cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.6.0
cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.6.1
cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.6.2
cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.7
cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.7.0
cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>7.7.1
cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>8.0.0
cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>itunes>>8.0.1
cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://blackberry.com/btsc/KB27244product-security@apple.com
N/A
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.htmlproduct-security@apple.com
N/A
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.htmlproduct-security@apple.com
N/A
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.htmlproduct-security@apple.com
N/A
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.htmlproduct-security@apple.com
N/A
http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.htmlproduct-security@apple.com
N/A
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.htmlproduct-security@apple.com
Patch
Vendor Advisory
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.htmlproduct-security@apple.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.htmlproduct-security@apple.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.htmlproduct-security@apple.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.htmlproduct-security@apple.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.htmlproduct-security@apple.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.htmlproduct-security@apple.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.htmlproduct-security@apple.com
N/A
http://secunia.com/advisories/43585product-security@apple.com
N/A
http://secunia.com/advisories/43593product-security@apple.com
N/A
http://secunia.com/advisories/43664product-security@apple.com
N/A
http://secunia.com/advisories/43934product-security@apple.com
N/A
http://secunia.com/advisories/44117product-security@apple.com
N/A
http://secunia.com/advisories/44135product-security@apple.com
N/A
http://secunia.com/advisories/50726product-security@apple.com
N/A
http://security.gentoo.org/glsa/glsa-201209-02.xmlproduct-security@apple.com
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820product-security@apple.com
N/A
http://support.apple.com/kb/HT4554product-security@apple.com
Vendor Advisory
http://support.apple.com/kb/HT4564product-security@apple.com
N/A
http://support.apple.com/kb/HT4565product-security@apple.com
N/A
http://support.apple.com/kb/HT4566product-security@apple.com
N/A
http://support.apple.com/kb/HT4581product-security@apple.com
N/A
http://support.apple.com/kb/HT4999product-security@apple.com
N/A
http://support.apple.com/kb/HT5001product-security@apple.com
N/A
http://www.debian.org/security/2011/dsa-2210product-security@apple.com
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2011:043product-security@apple.com
N/A
http://www.redhat.com/support/errata/RHSA-2011-0318.htmlproduct-security@apple.com
N/A
http://www.securityfocus.com/bid/46658product-security@apple.com
N/A
http://www.securitytracker.com/id?1025153product-security@apple.com
N/A
http://www.vupen.com/english/advisories/2011/0551product-security@apple.com
N/A
http://www.vupen.com/english/advisories/2011/0599product-security@apple.com
N/A
http://www.vupen.com/english/advisories/2011/0621product-security@apple.com
N/A
http://www.vupen.com/english/advisories/2011/0845product-security@apple.com
N/A
http://www.vupen.com/english/advisories/2011/0905product-security@apple.com
N/A
http://www.vupen.com/english/advisories/2011/0930product-security@apple.com
N/A
http://www.vupen.com/english/advisories/2011/0960product-security@apple.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=678635product-security@apple.com
N/A
http://blackberry.com/btsc/KB27244af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/43585af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/43593af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/43664af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/43934af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/44117af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/44135af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/50726af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-201209-02.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT4554af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://support.apple.com/kb/HT4564af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT4565af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT4566af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT4581af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT4999af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT5001af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2011/dsa-2210af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2011:043af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2011-0318.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/46658af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id?1025153af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0551af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0599af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0621af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0845af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0905af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0930af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0960af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=678635af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://blackberry.com/btsc/KB27244
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
Source: product-security@apple.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/43585
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/43593
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/43664
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/43934
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/44117
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/44135
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/50726
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201209-02.xml
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4554
Source: product-security@apple.com
Resource:
Vendor Advisory
Hyperlink: http://support.apple.com/kb/HT4564
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4565
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4566
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4581
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4999
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT5001
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2011/dsa-2210
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0318.html
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/46658
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1025153
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0551
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0599
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0621
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0845
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0905
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0930
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0960
Source: product-security@apple.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=678635
Source: product-security@apple.com
Resource: N/A
Hyperlink: http://blackberry.com/btsc/KB27244
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/43585
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/43593
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/43664
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/43934
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/44117
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/44135
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/50726
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201209-02.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4554
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://support.apple.com/kb/HT4564
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4565
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4566
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4581
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4999
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT5001
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2011/dsa-2210
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0318.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/46658
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1025153
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0551
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0599
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0621
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0845
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0905
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0930
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0960
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=678635
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

7852Records found
CVE-2016-1831
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.16% / 36.95%
||
7 Day CHG-0.25%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in Apple iOS before 9.3.2 and OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xiphone_oswatchostvosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0528
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.16% / 86.39%
||
7 Day CHG~0.00%
Published-31 Mar, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length value.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7windows_xpquicktimewindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1723
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-1.70% / 81.50%
||
7 Day CHG~0.00%
Published-01 Feb, 2016 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1725 and CVE-2016-1726.

Action-Not Available
Vendor-n/aApple Inc.
Product-safariiphone_oswatchosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3335
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-7.18% / 91.21%
||
7 Day CHG~0.00%
Published-10 Nov, 2016 | 06:16
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2016windows_7windows_server_2008windows_rt_8.1windows_vistawindows_server_2012windows_8.1windows_10n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3260
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-22.64% / 95.64%
||
7 Day CHG~0.00%
Published-13 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_exploreredgen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0479
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-62.23% / 98.29%
||
7 Day CHG~0.00%
Published-14 Apr, 2010 | 15:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Microsoft Office Publisher 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-publishern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0478
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-78.68% / 99.00%
||
7 Day CHG~0.00%
Published-14 Apr, 2010 | 15:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for Microsoft Windows 2000 Server SP4 allows remote attackers to execute arbitrary code via crafted packets associated with transport information, aka "Media Services Stack-based Buffer Overflow Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_2000n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3278
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-25.85% / 96.05%
||
7 Day CHG~0.00%
Published-13 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-outlook_rtoutlookn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3367
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-24.25% / 95.87%
||
7 Day CHG~0.00%
Published-14 Sep, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not properly allocate memory for string-insert and string-append operations, which allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Silverlight Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-silverlightn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3361
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-19.79% / 95.22%
||
7 Day CHG~0.00%
Published-14 Sep, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2010 SP2 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-exceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1279
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-43.53% / 97.42%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds WriteAV Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-open_xml_file_format_converterofficeexceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1290
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.09% / 83.33%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, and CVE-2010-1291.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsshockwave_playermacosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1284
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.55% / 84.90%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowswindows_7shockwave_playerwindows_server_2008windows_server_2003windows_vistamacosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1292
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.85% / 90.20%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowswindows_7shockwave_playerwindows_server_2008windows_server_2003windows_vistamacosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0589
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.66% / 85.18%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-4144
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.41% / 60.22%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 06:00
Updated-05 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Security" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app.

Action-Not Available
Vendor-n/aApple Inc.Microsoft Corporation
Product-itunesiphone_oswatchostvosmac_os_xwindowsicloudn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3338
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-7.18% / 91.21%
||
7 Day CHG~0.00%
Published-10 Nov, 2016 | 06:16
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2016windows_7windows_server_2008windows_rt_8.1windows_vistawindows_server_2012windows_8.1windows_10n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1817
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.48% / 64.07%
||
7 Day CHG-0.25%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1818 and CVE-2016-1819.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xiphone_oswatchostvosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1286
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.40% / 88.55%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowswindows_7shockwave_playerwindows_server_2008windows_server_2003windows_vistamacosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1829
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.48% / 64.09%
||
7 Day CHG-0.33%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1828, and CVE-2016-1830.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xiphone_oswatchostvosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1736
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.25%
||
7 Day CHG~0.00%
Published-24 Mar, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1241
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-26.20% / 96.09%
||
7 Day CHG+7.62%
Published-05 Apr, 2010 | 15:15
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readermac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1291
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.40% / 88.55%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, and CVE-2010-1290.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowswindows_7shockwave_playerwindows_server_2008windows_server_2003windows_vistamacosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1288
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-7.68% / 91.53%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowswindows_7shockwave_playerwindows_server_2008windows_server_2003windows_vistamacosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1749
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-1.91% / 82.49%
||
7 Day CHG~0.00%
Published-24 Mar, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0566
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-7.75% / 91.57%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1818
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.91% / 74.85%
||
7 Day CHG-0.44%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1817 and CVE-2016-1819.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xiphone_oswatchostvosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1822
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.16% / 36.93%
||
7 Day CHG-0.27%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IOFireWireFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0603
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-9.98% / 92.74%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0566 and CVE-2011-0567.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0194
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-9.51% / 92.52%
||
7 Day CHG~0.00%
Published-14 Apr, 2010 | 15:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, CVE-2010-0201, and CVE-2010-0204.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0204
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-6.58% / 90.77%
||
7 Day CHG~0.00%
Published-14 Apr, 2010 | 15:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0197
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-9.51% / 92.52%
||
7 Day CHG~0.00%
Published-14 Apr, 2010 | 15:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0201, and CVE-2010-0204.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0120
Matching Score-10
Assigner-Flexera Software LLC
ShareView Details
Matching Score-10
Assigner-Flexera Software LLC
CVSS Score-9.3||HIGH
EPSS-15.56% / 94.42%
||
7 Day CHG~0.00%
Published-30 Aug, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP audio content.

Action-Not Available
Vendor-n/aRealNetworks LLCMicrosoft Corporation
Product-realplayer_spwindowsrealplayern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0198
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-26.98% / 96.18%
||
7 Day CHG~0.00%
Published-14 Apr, 2010 | 15:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0202
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.77% / 93.75%
||
7 Day CHG~0.00%
Published-14 Apr, 2010 | 15:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0037
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-4.73% / 88.97%
||
7 Day CHG~0.00%
Published-20 Jan, 2010 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/amac_os_x_server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1824
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.48% / 64.09%
||
7 Day CHG-0.33%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1823.

Action-Not Available
Vendor-n/aApple Inc.
Product-watchosiphone_osmac_os_xtvosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1815
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.24% / 46.77%
||
7 Day CHG-0.09%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IOAcceleratorFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0036
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-1.56% / 80.75%
||
7 Day CHG~0.00%
Published-20 Jan, 2010 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/amac_os_x_server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1270
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-35.49% / 96.93%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Buffer Overrun RCE Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-powerpointn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1808
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.35% / 56.94%
||
7 Day CHG-0.25%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xiphone_oswatchostvosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0033
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-80.59% / 99.10%
||
7 Day CHG~0.00%
Published-10 Feb, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Viewer TextBytesAtom Record Stack Overflow Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-powerpointn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-4357
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.17% / 38.85%
||
7 Day CHG~0.00%
Published-03 Apr, 2019 | 17:43
Updated-05 Aug, 2024 | 05:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to Xcode 10.

Action-Not Available
Vendor-n/aApple Inc.
Product-xcodeXcode
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0255
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.72%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1834
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-2.82% / 85.59%
||
7 Day CHG+1.11%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

Action-Not Available
Vendor-n/aApple Inc.Canonical Ltd.libxml2 (XMLSoft)Debian GNU/LinuxMcAfee, LLCRed Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_server_auslibxml2watchosubuntu_linuxenterprise_linux_desktopenterprise_linux_server_eusweb_gatewayenterprise_linux_server_tusenterprise_linux_workstationdebian_linuxiphone_osmac_os_xtvosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0245
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-4.25% / 88.34%
||
7 Day CHG~0.00%
Published-04 Aug, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pict file.

Action-Not Available
Vendor-n/aApple Inc.
Product-quicktimen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0218
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.72%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0029
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-63.06% / 98.32%
||
7 Day CHG~0.00%
Published-10 Feb, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint File Path Handling Buffer Overflow Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-powerpointn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0223
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-2.02% / 83.03%
||
7 Day CHG-0.60%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0240
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-2.02% / 83.03%
||
7 Day CHG-0.60%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 157
  • 158
  • Next
Details not found