Описание
Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted help:topic URL that triggers a buffer overflow.
Ссылки
- Vendor Advisory
- US Government Resource
- US Government Resource
- Vendor Advisory
- Vendor Advisory
- US Government Resource
- US Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.4 (включая)
Одно из
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.20149
Средний
9.3 Critical
CVSS2
Дефекты
CWE-189
Связанные уязвимости
github
почти 4 года назад
Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted help:topic URL that triggers a buffer overflow.
EPSS
Процентиль: 95%
0.20149
Средний
9.3 Critical
CVSS2
Дефекты
CWE-189