Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2010-AVI-548
Vulnerability from certfr_avis - Published: 2010-11-12 - Updated: 2010-11-12
De nombreuses vulnérabilités ont été découvertes dans le système d'exploitation Mac OS X. Leur exploitation permet, entre autres, l'exécution de code arbitraire à distance.
Description
De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Mac OS X. Notamment :
- AFP Server ;
- AppKit ;
- ATS ;
- CFNetwork ;
- CoreGraphics ;
- CoreText ;
- Directory Services ;
- diskdev_cmds ;
- Disk Images ;
- Image Capture ;
- ImageIO ;
- Image RAW ;
- Kernel ;
- Networking ;
- Password Server ;
- Printing ;
- QuickLook ;
- QuickTime ;
- Safari ;
- Time Machine ;
- Wiki Server ;
- xar.
Cette mise à jour corrige également un grand nombre de vulnérabilités dans des logiciels inclus au système d'exploitation comme Apache, CUPS, Flash Player, gzip, MySQL, OpenLDAP, OpenSSL, PHP, python, X11.
Parmi les failles corrigées, certaines permettent l'exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Mac OS X Server 10.6.0 \u00e0 10.6.4.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Mac OS X 10.5.8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Mac OS X 10.6.0 \u00e0 10.6.4 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Mac OS X Server 10.5.8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Mac OS X. Notamment :\n\n- AFP Server ;\n- AppKit ;\n- ATS ;\n- CFNetwork ;\n- CoreGraphics ;\n- CoreText ;\n- Directory Services ;\n- diskdev_cmds ;\n- Disk Images ;\n- Image Capture ;\n- ImageIO ;\n- Image RAW ;\n- Kernel ;\n- Networking ;\n- Password Server ;\n- Printing ;\n- QuickLook ;\n- QuickTime ;\n- Safari ;\n- Time Machine ;\n- Wiki Server ;\n- xar.\n\nCette mise \u00e0 jour corrige \u00e9galement un grand nombre de vuln\u00e9rabilit\u00e9s\ndans des logiciels inclus au syst\u00e8me d\u0027exploitation comme Apache, CUPS,\nFlash Player, gzip, MySQL, OpenLDAP, OpenSSL, PHP, python, X11.\n\nParmi les failles corrig\u00e9es, certaines permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-3793",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3793"
},
{
"name": "CVE-2010-2167",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2167"
},
{
"name": "CVE-2010-2173",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2173"
},
{
"name": "CVE-2010-3783",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3783"
},
{
"name": "CVE-2010-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2163"
},
{
"name": "CVE-2010-3642",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3642"
},
{
"name": "CVE-2009-4134",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-4134"
},
{
"name": "CVE-2010-1803",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1803"
},
{
"name": "CVE-2010-3788",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3788"
},
{
"name": "CVE-2010-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3638"
},
{
"name": "CVE-2010-1846",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1846"
},
{
"name": "CVE-2010-2484",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2484"
},
{
"name": "CVE-2010-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3640"
},
{
"name": "CVE-2010-0434",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0434"
},
{
"name": "CVE-2010-1834",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1834"
},
{
"name": "CVE-2010-2499",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2499"
},
{
"name": "CVE-2010-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2519"
},
{
"name": "CVE-2010-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3646"
},
{
"name": "CVE-2010-0211",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0211"
},
{
"name": "CVE-2010-2531",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2531"
},
{
"name": "CVE-2010-2170",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2170"
},
{
"name": "CVE-2010-3784",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3784"
},
{
"name": "CVE-2010-1840",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1840"
},
{
"name": "CVE-2010-1845",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1845"
},
{
"name": "CVE-2010-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3639"
},
{
"name": "CVE-2010-3654",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
},
{
"name": "CVE-2010-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0205"
},
{
"name": "CVE-2010-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1752"
},
{
"name": "CVE-2010-2249",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
},
{
"name": "CVE-2010-3643",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3643"
},
{
"name": "CVE-2010-1849",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1849"
},
{
"name": "CVE-2010-1842",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1842"
},
{
"name": "CVE-2010-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2176"
},
{
"name": "CVE-2010-3650",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3650"
},
{
"name": "CVE-2010-1378",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1378"
},
{
"name": "CVE-2010-2497",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2497"
},
{
"name": "CVE-2010-3798",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3798"
},
{
"name": "CVE-2010-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2162"
},
{
"name": "CVE-2009-2474",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2474"
},
{
"name": "CVE-2010-1205",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
},
{
"name": "CVE-2010-2172",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2172"
},
{
"name": "CVE-2010-2181",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2181"
},
{
"name": "CVE-2010-3796",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3796"
},
{
"name": "CVE-2010-1850",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1850"
},
{
"name": "CVE-2010-3795",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3795"
},
{
"name": "CVE-2010-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2160"
},
{
"name": "CVE-2010-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3786"
},
{
"name": "CVE-2010-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3644"
},
{
"name": "CVE-2010-2179",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2179"
},
{
"name": "CVE-2010-1831",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1831"
},
{
"name": "CVE-2010-3647",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3647"
},
{
"name": "CVE-2010-3790",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3790"
},
{
"name": "CVE-2010-2214",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2214"
},
{
"name": "CVE-2010-1450",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1450"
},
{
"name": "CVE-2010-0408",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0408"
},
{
"name": "CVE-2010-2165",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2165"
},
{
"name": "CVE-2010-2171",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2171"
},
{
"name": "CVE-2010-1844",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1844"
},
{
"name": "CVE-2010-2498",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2498"
},
{
"name": "CVE-2010-4010",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4010"
},
{
"name": "CVE-2010-3793",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3793"
},
{
"name": "CVE-2010-0209",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0209"
},
{
"name": "CVE-2010-2182",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2182"
},
{
"name": "CVE-2010-3649",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3649"
},
{
"name": "CVE-2010-1847",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1847"
},
{
"name": "CVE-2010-1841",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1841"
},
{
"name": "CVE-2010-2175",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2175"
},
{
"name": "CVE-2010-2180",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2180"
},
{
"name": "CVE-2010-1828",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1828"
},
{
"name": "CVE-2010-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0397"
},
{
"name": "CVE-2010-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2520"
},
{
"name": "CVE-2008-4546",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4546"
},
{
"name": "CVE-2010-1297",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1297"
},
{
"name": "CVE-2010-2941",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2941"
},
{
"name": "CVE-2010-2187",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2187"
},
{
"name": "CVE-2010-2164",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2164"
},
{
"name": "CVE-2010-2884",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2884"
},
{
"name": "CVE-2010-3636",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3636"
},
{
"name": "CVE-2010-1836",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1836"
},
{
"name": "CVE-2010-3794",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3794"
},
{
"name": "CVE-2010-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2161"
},
{
"name": "CVE-2010-1843",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1843"
},
{
"name": "CVE-2010-2808",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2808"
},
{
"name": "CVE-2010-2215",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2215"
},
{
"name": "CVE-2010-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2805"
},
{
"name": "CVE-2010-2178",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2178"
},
{
"name": "CVE-2010-3787",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3787"
},
{
"name": "CVE-2010-1832",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1832"
},
{
"name": "CVE-2009-0946",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0946"
},
{
"name": "CVE-2010-2177",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2177"
},
{
"name": "CVE-2009-2473",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2473"
},
{
"name": "CVE-2010-3053",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3053"
},
{
"name": "CVE-2010-3789",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3789"
},
{
"name": "CVE-2010-1829",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1829"
},
{
"name": "CVE-2010-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2166"
},
{
"name": "CVE-2010-1848",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1848"
},
{
"name": "CVE-2010-3645",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3645"
},
{
"name": "CVE-2010-0212",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0212"
},
{
"name": "CVE-2010-3054",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3054"
},
{
"name": "CVE-2010-2184",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2184"
},
{
"name": "CVE-2010-3648",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3648"
},
{
"name": "CVE-2010-3791",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3791"
},
{
"name": "CVE-2010-1449",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1449"
},
{
"name": "CVE-2010-3976",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3976"
},
{
"name": "CVE-2010-3797",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3797"
},
{
"name": "CVE-2010-1830",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1830"
},
{
"name": "CVE-2010-3641",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3641"
},
{
"name": "CVE-2010-2189",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2189"
},
{
"name": "CVE-2010-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3792"
},
{
"name": "CVE-2010-2216",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2216"
},
{
"name": "CVE-2010-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2174"
},
{
"name": "CVE-2010-2169",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2169"
},
{
"name": "CVE-2010-1837",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1837"
},
{
"name": "CVE-2010-2806",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2806"
},
{
"name": "CVE-2009-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2624"
},
{
"name": "CVE-2010-2188",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2188"
},
{
"name": "CVE-2010-2185",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2185"
},
{
"name": "CVE-2010-1833",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1833"
},
{
"name": "CVE-2010-1811",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1811"
},
{
"name": "CVE-2010-2500",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2500"
},
{
"name": "CVE-2010-2213",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2213"
},
{
"name": "CVE-2009-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0796"
},
{
"name": "CVE-2010-2186",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2186"
},
{
"name": "CVE-2010-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1838"
},
{
"name": "CVE-2010-2807",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2807"
},
{
"name": "CVE-2010-3785",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3785"
},
{
"name": "CVE-2010-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2183"
},
{
"name": "CVE-2010-0105",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0105"
},
{
"name": "CVE-2010-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0001"
},
{
"name": "CVE-2010-3652",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3652"
}
],
"initial_release_date": "2010-11-12T00:00:00",
"last_revision_date": "2010-11-12T00:00:00",
"links": [],
"reference": "CERTA-2010-AVI-548",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-11-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le syst\u00e8me\nd\u0027exploitation \u003cspan class=\"textit\"\u003eMac OS X\u003c/span\u003e. Leur exploitation\npermet, entre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple 2010-007 du 11 novembre 2010",
"url": "http://support.apple.com/kb/HT4435"
}
]
}
CVE-2010-3652 (GCVE-0-2010-3652)
Vulnerability from cvelistv5 – Published: 2010-11-07 21:00 – Updated: 2024-08-07 03:18
VLAI
EPSS
Summary
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3650.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
22 references
Date Public
2010-11-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:52.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2011-0192",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"name": "42183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42183"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
},
{
"name": "43026",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43026"
},
{
"name": "GLSA-201101-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"name": "ADV-2010-2918",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2918"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "44687",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44687"
},
{
"name": "RHSA-2010:0834",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
},
{
"name": "SUSE-SA:2010:055",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
},
{
"name": "42926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42926"
},
{
"name": "SSRT100428",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331642631603\u0026w=2"
},
{
"name": "ADV-2010-2903",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2903"
},
{
"name": "HPSBMA02663",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331642631603\u0026w=2"
},
{
"name": "ADV-2011-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0173"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
},
{
"name": "oval:org.mitre.oval:def:11965",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11965"
},
{
"name": "ADV-2010-2906",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2906"
},
{
"name": "RHSA-2010:0867",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
},
{
"name": "oval:org.mitre.oval:def:15284",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15284"
},
{
"name": "RHSA-2010:0829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3650."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "ADV-2011-0192",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"name": "42183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42183"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
},
{
"name": "43026",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43026"
},
{
"name": "GLSA-201101-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"name": "ADV-2010-2918",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2918"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "44687",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44687"
},
{
"name": "RHSA-2010:0834",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
},
{
"name": "SUSE-SA:2010:055",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
},
{
"name": "42926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42926"
},
{
"name": "SSRT100428",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331642631603\u0026w=2"
},
{
"name": "ADV-2010-2903",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2903"
},
{
"name": "HPSBMA02663",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331642631603\u0026w=2"
},
{
"name": "ADV-2011-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0173"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
},
{
"name": "oval:org.mitre.oval:def:11965",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11965"
},
{
"name": "ADV-2010-2906",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2906"
},
{
"name": "RHSA-2010:0867",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
},
{
"name": "oval:org.mitre.oval:def:15284",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15284"
},
{
"name": "RHSA-2010:0829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-3652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3650."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2011-0192",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"name": "42183",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42183"
},
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1",
"refsource": "CONFIRM",
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
},
{
"name": "43026",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43026"
},
{
"name": "GLSA-201101-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"name": "ADV-2010-2918",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2918"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "44687",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44687"
},
{
"name": "RHSA-2010:0834",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
},
{
"name": "SUSE-SA:2010:055",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
},
{
"name": "42926",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42926"
},
{
"name": "SSRT100428",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130331642631603\u0026w=2"
},
{
"name": "ADV-2010-2903",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2903"
},
{
"name": "HPSBMA02663",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130331642631603\u0026w=2"
},
{
"name": "ADV-2011-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0173"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-26.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
},
{
"name": "oval:org.mitre.oval:def:11965",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11965"
},
{
"name": "ADV-2010-2906",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2906"
},
{
"name": "RHSA-2010:0867",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
},
{
"name": "oval:org.mitre.oval:def:15284",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15284"
},
{
"name": "RHSA-2010:0829",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2010-3652",
"datePublished": "2010-11-07T21:00:00.000Z",
"dateReserved": "2010-09-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:18:52.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3654 (GCVE-0-2010-3654)
Vulnerability from cvelistv5 – Published: 2010-10-29 18:00 – Updated: 2024-08-07 03:18
VLAI
EPSS
Summary
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
37 references
Date Public
2010-10-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:52.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2011-0192",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"name": "42183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42183"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "42030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42030"
},
{
"name": "ADV-2011-0191",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
},
{
"name": "43025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43025"
},
{
"name": "ADV-2011-0344",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0344"
},
{
"name": "43026",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43026"
},
{
"name": "GLSA-201101-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"name": "ADV-2010-2918",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2918"
},
{
"name": "ADV-2010-3111",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "41917",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41917"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "GLSA-201101-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "RHSA-2010:0834",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
},
{
"name": "SUSE-SA:2010:055",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
},
{
"name": "1024660",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024660"
},
{
"name": "42926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42926"
},
{
"name": "RHSA-2010:0934",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "ADV-2010-2903",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2903"
},
{
"name": "ADV-2011-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0173"
},
{
"name": "42401",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42401"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
},
{
"name": "VU#298081",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/298081"
},
{
"name": "1024659",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024659"
},
{
"name": "TLSA-2011-2",
"tags": [
"vendor-advisory",
"x_refsource_TURBO",
"x_transferred"
],
"url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
},
{
"name": "44504",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44504"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "SUSE-SA:2010:058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"name": "8210",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8210"
},
{
"name": "ADV-2010-2906",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2906"
},
{
"name": "RHSA-2010:0867",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
},
{
"name": "RHSA-2010:0829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
},
{
"name": "oval:org.mitre.oval:def:13294",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "ADV-2011-0192",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"name": "42183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42183"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "42030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42030"
},
{
"name": "ADV-2011-0191",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
},
{
"name": "43025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43025"
},
{
"name": "ADV-2011-0344",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0344"
},
{
"name": "43026",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43026"
},
{
"name": "GLSA-201101-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"name": "ADV-2010-2918",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2918"
},
{
"name": "ADV-2010-3111",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "41917",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41917"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "GLSA-201101-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "RHSA-2010:0834",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
},
{
"name": "SUSE-SA:2010:055",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
},
{
"name": "1024660",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024660"
},
{
"name": "42926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42926"
},
{
"name": "RHSA-2010:0934",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "ADV-2010-2903",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2903"
},
{
"name": "ADV-2011-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0173"
},
{
"name": "42401",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42401"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
},
{
"name": "VU#298081",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/298081"
},
{
"name": "1024659",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024659"
},
{
"name": "TLSA-2011-2",
"tags": [
"vendor-advisory",
"x_refsource_TURBO"
],
"url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
},
{
"name": "44504",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44504"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "SUSE-SA:2010:058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"name": "8210",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8210"
},
{
"name": "ADV-2010-2906",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2906"
},
{
"name": "RHSA-2010:0867",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
},
{
"name": "RHSA-2010:0829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
},
{
"name": "oval:org.mitre.oval:def:13294",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-3654",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2011-0192",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"name": "42183",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42183"
},
{
"name": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html",
"refsource": "MISC",
"url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
},
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "42030",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42030"
},
{
"name": "ADV-2011-0191",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1",
"refsource": "CONFIRM",
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
},
{
"name": "43025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43025"
},
{
"name": "ADV-2011-0344",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0344"
},
{
"name": "43026",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43026"
},
{
"name": "GLSA-201101-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"name": "ADV-2010-2918",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2918"
},
{
"name": "ADV-2010-3111",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "41917",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41917"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "GLSA-201101-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "RHSA-2010:0834",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
},
{
"name": "SUSE-SA:2010:055",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
},
{
"name": "1024660",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024660"
},
{
"name": "42926",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42926"
},
{
"name": "RHSA-2010:0934",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "ADV-2010-2903",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2903"
},
{
"name": "ADV-2011-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0173"
},
{
"name": "42401",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42401"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-26.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
},
{
"name": "VU#298081",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/298081"
},
{
"name": "1024659",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024659"
},
{
"name": "TLSA-2011-2",
"refsource": "TURBO",
"url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
},
{
"name": "44504",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44504"
},
{
"name": "http://www.adobe.com/support/security/advisories/apsa10-05.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "SUSE-SA:2010:058",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"name": "8210",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8210"
},
{
"name": "ADV-2010-2906",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2906"
},
{
"name": "RHSA-2010:0867",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
},
{
"name": "RHSA-2010:0829",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
},
{
"name": "oval:org.mitre.oval:def:13294",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2010-3654",
"datePublished": "2010-10-29T18:00:00.000Z",
"dateReserved": "2010-09-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:18:52.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3783 (GCVE-0-2010-3783)
Vulnerability from cvelistv5 – Published: 2010-11-16 21:00 – Updated: 2024-08-07 03:18
VLAI
EPSS
Summary
Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1024723 | vdb-entryx_refsource_SECTRACK |
| http://support.apple.com/kb/HT4435 | x_refsource_CONFIRM |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
Date Public
2010-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1024723",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-10T10:00:00.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "1024723",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-3783",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1024723",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024723"
},
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-3783",
"datePublished": "2010-11-16T21:00:00.000Z",
"dateReserved": "2010-10-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:18:53.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3784 (GCVE-0-2010-3784)
Vulnerability from cvelistv5 – Published: 2010-11-16 21:00 – Updated: 2024-08-07 03:18
VLAI
EPSS
Summary
The PMPageFormatCreateWithDataRepresentation API in Printing in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle XML data, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified API calls.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1024723 | vdb-entryx_refsource_SECTRACK |
| http://support.apple.com/kb/HT4435 | x_refsource_CONFIRM |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
Date Public
2010-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1024723",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The PMPageFormatCreateWithDataRepresentation API in Printing in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle XML data, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified API calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-10T10:00:00.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "1024723",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-3784",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PMPageFormatCreateWithDataRepresentation API in Printing in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle XML data, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified API calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1024723",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024723"
},
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-3784",
"datePublished": "2010-11-16T21:00:00.000Z",
"dateReserved": "2010-10-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:18:53.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3785 (GCVE-0-2010-3785)
Vulnerability from cvelistv5 – Published: 2010-11-16 21:00 – Updated: 2024-08-07 03:18
VLAI
EPSS
Summary
Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1024723 | vdb-entryx_refsource_SECTRACK |
| http://support.apple.com/kb/HT4435 | x_refsource_CONFIRM |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://support.apple.com/kb/HT5004 | x_refsource_CONFIRM |
| http://lists.apple.com/archives/Security-announce… | vendor-advisoryx_refsource_APPLE |
Date Public
2010-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1024723",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5004"
},
{
"name": "APPLE-SA-2011-10-12-6",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-10T10:00:00.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "1024723",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5004"
},
{
"name": "APPLE-SA-2011-10-12-6",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-3785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1024723",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024723"
},
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT5004",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5004"
},
{
"name": "APPLE-SA-2011-10-12-6",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-3785",
"datePublished": "2010-11-16T21:00:00.000Z",
"dateReserved": "2010-10-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:18:53.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3786 (GCVE-0-2010-3786)
Vulnerability from cvelistv5 – Published: 2010-11-16 21:00 – Updated: 2024-08-07 03:18
VLAI
EPSS
Summary
QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1024723 | vdb-entryx_refsource_SECTRACK |
| http://support.apple.com/kb/HT4435 | x_refsource_CONFIRM |
| http://www.vupen.com/english/advisories/2010/3046 | vdb-entryx_refsource_VUPEN |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://labs.idefense.com/intelligence/vulnerabili… | third-party-advisoryx_refsource_IDEFENSE |
| http://secunia.com/advisories/42314 | third-party-advisoryx_refsource_SECUNIA |
| http://support.apple.com/kb/HT4456 | x_refsource_CONFIRM |
| http://support.apple.com/kb/HT5004 | x_refsource_CONFIRM |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://lists.apple.com/archives/Security-announce… | vendor-advisoryx_refsource_APPLE |
Date Public
2010-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1024723",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "ADV-2010-3046",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "20101111 Apple Mobile OfficeImport Framework Excel Parsing Memory Corruption Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=881"
},
{
"name": "42314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42314"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4456"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5004"
},
{
"name": "APPLE-SA-2010-11-22-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name": "APPLE-SA-2011-10-12-6",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-11-30T10:00:00.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "1024723",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "ADV-2010-3046",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "20101111 Apple Mobile OfficeImport Framework Excel Parsing Memory Corruption Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=881"
},
{
"name": "42314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42314"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4456"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5004"
},
{
"name": "APPLE-SA-2010-11-22-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name": "APPLE-SA-2011-10-12-6",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-3786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1024723",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024723"
},
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "ADV-2010-3046",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "20101111 Apple Mobile OfficeImport Framework Excel Parsing Memory Corruption Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=881"
},
{
"name": "42314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42314"
},
{
"name": "http://support.apple.com/kb/HT4456",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4456"
},
{
"name": "http://support.apple.com/kb/HT5004",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5004"
},
{
"name": "APPLE-SA-2010-11-22-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name": "APPLE-SA-2011-10-12-6",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-3786",
"datePublished": "2010-11-16T21:00:00.000Z",
"dateReserved": "2010-10-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:18:53.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3787 (GCVE-0-2010-3787)
Vulnerability from cvelistv5 – Published: 2010-11-16 21:00 – Updated: 2024-08-07 03:18
VLAI
EPSS
Summary
Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://support.apple.com/kb/HT4435 | x_refsource_CONFIRM |
| http://www.securitytracker.com/id?1024729 | vdb-entryx_refsource_SECTRACK |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://support.apple.com/kb/HT4447 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/44798 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/309873 | third-party-advisoryx_refsource_CERT-VN |
Date Public
2010-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "1024729",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2010-12-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4447"
},
{
"name": "44798",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44798"
},
{
"name": "VU#309873",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/309873"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-10T10:00:00.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "1024729",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2010-12-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4447"
},
{
"name": "44798",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44798"
},
{
"name": "VU#309873",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/309873"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-3787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "1024729",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2010-12-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT4447",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4447"
},
{
"name": "44798",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44798"
},
{
"name": "VU#309873",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/309873"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-3787",
"datePublished": "2010-11-16T21:00:00.000Z",
"dateReserved": "2010-10-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:18:53.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3788 (GCVE-0-2010-3788)
Vulnerability from cvelistv5 – Published: 2010-11-16 21:00 – Updated: 2024-08-07 03:18
VLAI
EPSS
Summary
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://support.apple.com/kb/HT4435 | x_refsource_CONFIRM |
| http://www.securitytracker.com/id?1024729 | vdb-entryx_refsource_SECTRACK |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://support.apple.com/kb/HT4447 | x_refsource_CONFIRM |
Date Public
2010-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "1024729",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2010-12-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4447"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-10T10:00:00.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "1024729",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2010-12-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4447"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-3788",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "1024729",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2010-12-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT4447",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4447"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-3788",
"datePublished": "2010-11-16T21:00:00.000Z",
"dateReserved": "2010-10-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:18:53.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3789 (GCVE-0-2010-3789)
Vulnerability from cvelistv5 – Published: 2010-11-16 21:00 – Updated: 2024-08-07 03:18
VLAI
EPSS
Summary
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://support.apple.com/kb/HT4435 | x_refsource_CONFIRM |
| http://www.securitytracker.com/id?1024729 | vdb-entryx_refsource_SECTRACK |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://support.apple.com/kb/HT4447 | x_refsource_CONFIRM |
Date Public
2010-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "1024729",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2010-12-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4447"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-10T10:00:00.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "1024729",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2010-12-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4447"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-3789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "1024729",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2010-12-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT4447",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4447"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-3789",
"datePublished": "2010-11-16T21:00:00.000Z",
"dateReserved": "2010-10-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:18:53.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3790 (GCVE-0-2010-3790)
Vulnerability from cvelistv5 – Published: 2010-11-16 21:00 – Updated: 2024-08-07 03:18
VLAI
EPSS
Summary
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-11-038/ | x_refsource_MISC |
| http://support.apple.com/kb/HT4435 | x_refsource_CONFIRM |
| http://support.apple.com/kb/HT4723 | x_refsource_CONFIRM |
| http://www.securitytracker.com/id?1024729 | vdb-entryx_refsource_SECTRACK |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://support.apple.com/kb/HT4447 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/44794 | vdb-entryx_refsource_BID |
Date Public
2010-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.222Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-038/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4723"
},
{
"name": "1024729",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2011-06-23-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"name": "APPLE-SA-2010-12-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4447"
},
{
"name": "44794",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44794"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-10T10:00:00.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-038/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4723"
},
{
"name": "1024729",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2011-06-23-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"name": "APPLE-SA-2010-12-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4447"
},
{
"name": "44794",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44794"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-3790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-038/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-038/"
},
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "http://support.apple.com/kb/HT4723",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4723"
},
{
"name": "1024729",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2011-06-23-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"name": "APPLE-SA-2010-12-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT4447",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4447"
},
{
"name": "44794",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44794"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-3790",
"datePublished": "2010-11-16T21:00:00.000Z",
"dateReserved": "2010-10-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:18:53.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…