exploitDog

CVE-2011-3446

Опубликовано: 02 фев. 2012

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Версия до 10.7.2 (включая)

cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*

Версия до 10.7.2 (включая)

cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01341

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-9phx-mqvv-pf8c

github

больше 3 лет назад

Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.

EPSS

Процентиль: 80%

0.01341

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo