CVSS: 7.5EPSS: 6%CPEs: 24EXPL: 0CVE-2011-3460 – Apple Quicktime PNG Depth Decoding Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3460
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PNG file. Desbordamiento de búfer en QuickTime en Apple Mac OS X antes de v10.7.3 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída de la aplicación) a través de un archivo PNG manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AppleQuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw occurs when the application allocates space for decoding a video sample encoded with the .png format. When calculating space for this surface, the application will explicitly trust the bit-depth within the MediaVideo header. • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://lists.apple.com/archives/security-announce/2012/May/msg00005.html http://support.apple.com/kb/HT5130 http://support.apple.com/kb/HT5261 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 2%CPEs: 136EXPL: 0CVE-2011-3228
https://notcve.org/view.php?id=CVE-2011-3228
QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file. QuickTime en Apple Mac OS X anterior a v10.7.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un archivo de película especialmente diseñado • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://osvdb.org/76372 http://support.apple.com/kb/HT5002 http://support.apple.com/kb/HT5016 http://www.securityfocus.com/bid/50085 http://www.securityfocus.com/bid/50127 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 2.6EPSS: 0%CPEs: 132EXPL: 0CVE-2011-3224 – Mac App Store Man-In-The-Middle / Remote Command Execution
https://notcve.org/view.php?id=CVE-2011-3224
The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server. El componente User Documentation en Apple Mac OS X hasta v10.6.8 usa sesiones http para las actualizaciones a información de ayuda de la APP Store, permitiendo a atacantes de "hombre en medio" ejecutar código arbitrario mediante la suplantación de un servidor http. Mac App Store suffers from a man-in-the-middle vulnerability that allows for remote command execution. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://osvdb.org/76375 http://support.apple.com/kb/HT5002 http://www.securityfocus.com/bid/50085 •
CVSS: 7.6EPSS: 0%CPEs: 136EXPL: 0CVE-2011-3213
https://notcve.org/view.php?id=CVE-2011-3213
The File Systems component in Apple Mac OS X before 10.7.2 does not properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection, which allows man-in-the-middle attackers to hijack WebDAV communication by presenting an arbitrary certificate for a subsequent connection. El componente File Systems en Apple Mac OS X anterior a v10.7.2 no lleva correctamente el certificado específico X.509 que un usuario manualmente ha aceptado para una conexión inicial https WebDAV, lo que permite un ataque man-in-the-middle para secuestrar la comunicación WebDAV prsentando un certificado de su elección para una conexión subsiguiente. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://support.apple.com/kb/HT5002 http://www.securityfocus.com/bid/50085 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 2.6EPSS: 0%CPEs: 132EXPL: 0CVE-2011-3218
https://notcve.org/view.php?id=CVE-2011-3218
The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document. La selección "Save for Web" en QuickTime Player de Apple Mac OS X v10.6.8 a través de las exportaciones de los documentos HTML que contienen un enlace http a un archivo de comandos, permite a atacantes de "hombre-en-medio" realizar ataques de ejecución de secuencias de comandos en sitios cruzados mediante la suplantación del servidor http durante la visión local de un documento exportado. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://osvdb.org/76373 http://support.apple.com/kb/HT5002 http://support.apple.com/kb/HT5016 http://www.securityfocus.com/bid/50085 http://www.securityfocus.com/bid/50122 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •