CVSS: 7.5EPSS: 10%CPEs: 136EXPL: 0CVE-2011-3222 – Apple QuickTime FlashPix JPEG Tables Selector Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3222
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. Desbordamiento de búfer basado en pila en Apple Mac OS X anterior a v10.7.2 permite a atacantes remotos ejecutar código de su elección a través o causar una denegación de servicio (caída de la aplicación) mediante un fichero FlashPix manipulado This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles flashpix files. When a flashpix contains a tile that has a Compression Type 0x2 (JPEG) and an 'JPEG tables selector' value that is bigger then the global stream property 'Maximum JPEG table index', Quicktime will write outside the global JPEG table. This corruption could lead to remote code execution under the context of the current user. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://osvdb.org/76379 http://support.apple.com/kb/HT5002 http://support.apple.com/kb/HT5016 http://www.securityfocus.com/bid/50085 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 10%CPEs: 136EXPL: 0CVE-2011-3223 – Apple QuickTime FLC RLE Packet Count Decompression Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3223
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLIC movie file. Desbordamiento de búfer basado en pila en QuickTime in Apple Mac OS X anterior a v10.7.2 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída de la aplicación) mediante un fichero de película FLIC manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime decodes flic file. Flic files can contain FLC Delta Decompression block containing Run Length Encoded data. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://osvdb.org/76380 http://support.apple.com/kb/HT5002 http://support.apple.com/kb/HT5016 http://www.securityfocus.com/bid/50085 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 2%CPEs: 136EXPL: 0CVE-2011-3228
https://notcve.org/view.php?id=CVE-2011-3228
QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file. QuickTime en Apple Mac OS X anterior a v10.7.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un archivo de película especialmente diseñado • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://osvdb.org/76372 http://support.apple.com/kb/HT5002 http://support.apple.com/kb/HT5016 http://www.securityfocus.com/bid/50085 http://www.securityfocus.com/bid/50127 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.8EPSS: 93%CPEs: 99EXPL: 1CVE-2011-3230 – Apple Safari - 'file://' Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2011-3230
Apple Safari before 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote attackers to execute arbitrary code via a crafted web site. Apple Safari anterior a v5.1.1 en Mac OS X no aplica una política destinada a archivo: URLs, que permiten a atacantes remotos ejecutar código arbitrario a través de un sitio web diseñado. Apple Safari versions prior to 5.1.1 fail to enforce an intended policy for file:// URLs and in turn allows for remote attackers to execute code. • https://www.exploit-db.com/exploits/17986 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/76389 http://support.apple.com/kb/HT5000 http://www.securityfocus.com/bid/50162 https://exchange.xforce.ibmcloud.com/vulnerabilities/70567 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.4EPSS: 0%CPEs: 22EXPL: 0CVE-2011-0185
https://notcve.org/view.php?id=CVE-2011-0185
Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file. Vulnerabilidad de formato de cadena en la funcionalidad debug-logging en el Firewall de Aplicación en Apple Mac OS X anteriores a v10.7.2 que permite a usuarios locales conseguir privilegios a través de un nombre de archivo ejecutable manipulado. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://support.apple.com/kb/HT5002 http://www.securityfocus.com/bid/50085 http://www.securityfocus.com/bid/50092 • CWE-134: Use of Externally-Controlled Format String •