7.2
CVE-2011-0182
- EPSS 0.33%
- Veröffentlicht 23.03.2011 02:00:05
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle product-security@apple.com
- Teams Watchlist Login
- Unerledigt Login
The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apple ≫ macOS X Server Version <= 10.6.6
Apple ≫ macOS X Server Version10.6.0
Apple ≫ macOS X Server Version10.6.1
Apple ≫ macOS X Server Version10.6.2
Apple ≫ macOS X Server Version10.6.3
Apple ≫ macOS X Server Version10.6.4
Apple ≫ macOS X Server Version10.6.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.549 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.