Vulnerability Name:
CVE-2011-0176 (CCN-66221)
Assigned:
2010-12-23
Published:
2011-03-21
Updated:
2011-03-24
Summary:
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded Type 1 font.
CVSS v3 Severity:
7.3 High
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
Low
Integrity (I):
Low
Availibility (A):
Low
CVSS v2 Severity:
6.8 Medium
(CVSS v2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
)
5.0 Medium
(Temporal CVSS v2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
6.8 Medium
(CCN CVSS v2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
)
5.0 Medium
(CCN Temporal CVSS v2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
Vulnerability Type:
CWE-119
Vulnerability Consequences:
Gain Access
References:
Source: MITRE
Type: CNA
CVE-2011-0176
Source: APPLE
Type: Patch, Vendor Advisory
APPLE-SA-2011-03-21-1
Source: CCN
Type: SA43814
Apple Mac OS X Multiple Vulnerabilities
Source: CCN
Type: Apple Web site
About the security content of Mac OS X v10.6.7 and Security Update 2011-001
Source: CONFIRM
Type: Patch, Vendor Advisory
http://support.apple.com/kb/HT4581
Source: CCN
Type: OSVDB ID: 71630
Apple Mac OS X ATS Type 1 Font Handling Multiple Overflows
Source: CCN
Type: BID-46971
Apple Mac OS X Type 1 Embedded Fonts Multiple Buffer Overflow Vulnerabilities
Source: XF
Type: UNKNOWN
macos-type1-bo(66221)
Source: CCN
Type: ZDI-11-108
Mac OS X Compact Font Format Decoder Remote Code Execution Vulnerability
Vulnerable Configuration:
Configuration 1
:
cpe:/o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:*
(Version <= 10.6.6)
Configuration 2
:
cpe:/o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
(Version <= 10.6.6)
Configuration CCN 1
:
cpe:/o:apple:mac_os_x_server:10.6:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
apple
mac os x 10.6.0
apple
mac os x 10.6.1
apple
mac os x 10.6.2
apple
mac os x 10.6.3
apple
mac os x 10.6.4
apple
mac os x 10.6.5
apple
mac os x *
apple
mac os x server 10.6.0
apple
mac os x server 10.6.1
apple
mac os x server 10.6.2
apple
mac os x server 10.6.3
apple
mac os x server 10.6.4
apple
mac os x server 10.6.5
apple
mac os x server *
apple
mac os x server 10.6
apple
mac os x 10.6
apple
mac os x server 10.6.1
apple
mac os x 10.6.1
apple
mac os x server 10.6.2
apple
mac os x 10.6.2
apple
mac os x 10.6.3
apple
mac os x server 10.6.3
apple
mac os x server 10.6.4
apple
mac os x 10.6.4
apple
mac os x server 10.6.5
apple
mac os x 10.6.5
apple
mac os x server 10.6.6
apple
mac os x 10.6.6